Filter
AND
-Infinity
0

Trending

Last week
Last month
Last year

Drupal AIAI (Artificial Intelligence) - Critical - Remote Code Execution - SA-CONTRIB-2025-021

high
7.5
EPSS
0.19%
First published (updated )
CVE-2025-31692

composer/drupal/coreDrupal core - Moderately critical - Gadget Chain - SA-CORE-2025-003

high
7.5
EPSS
0.06%
First published (updated )
CVE-2025-31674

Drupal Allow All File ExtensionsAllow All File Extensions for file fields - Critical - Unsupported - SA-CONTRIB-2024-075

high
7.3
First published (updated )
CVE-2024-13311

OpignoOpigno Learning path - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-029

high
7.5
First published (updated )
CVE-2024-13265

Drupal MigrateMigrate queue importer - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-024

high
8.8
First published (updated )
CVE-2024-13260

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

DrupalImage Sizes - Moderately critical - Access bypass - SA-CONTRIB-2024-023

high
7.5
First published (updated )
CVE-2024-13259

Drupal ViewsREST Views - Moderately critical - Information Disclosure - SA-CONTRIB-2024-018

high
7.5
First published (updated )
CVE-2024-13254

DrupalDrupal Symfony Mailer Lite - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-014

high
8.8
First published (updated )
CVE-2024-13250

Drupal MigrateMigrate Tools - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-008

high
8.8
First published (updated )
CVE-2024-13244

Open SocialOpen Social - Moderately critical - Access bypass - SA-CONTRIB-2024-004

high
7.5
First published (updated )
CVE-2024-13240

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

composer/drupal/coreDrupal contains a vulnerability with improper handling of structural elements. If this vulnerability…

high
7.5
EPSS
0.05%
First published (updated )
CVE-2024-22362

composer/drupal/coreDrupal core - Critical - Cache poisoning - SA-CORE-2023-006

high
7.5
First published (updated )
CVE-2023-5256

composer/drupal/coreInput Validation

high
7.5
First published (updated )
CVE-2022-25273

TwigTwig may load a template outside a configured directory when using the filesystem loader

high
7.5
First published (updated )
CVE-2022-39261

composer/drupal/coreMalicious File Upload

high
7.2
First published (updated )
CVE-2022-25277

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

composer/drupal/coreDrupal core - Moderately critical - Information Disclosure - SA-CORE-2022-012

high
7.5
First published (updated )
CVE-2022-25275

DrupalFailure to strip the Cookie header on change in host or HTTP downgrade in Guzzle

high
7.5
First published (updated )
CVE-2022-31042

DrupalFix failure to strip Authorization header on HTTP downgrade in Guzzle

high
7.5
First published (updated )
CVE-2022-31043

composer/guzzlehttp/guzzleCross-domain cookie leakage in Guzzle

high
8.1
First published (updated )
CVE-2022-29248

composer/guzzlehttp/psr7Improper Input Validation in guzzlehttp/psr7

high
7.5
First published (updated )
CVE-2022-24775

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Oracle Financial Services Analytical Applications InfrastructureRegular expression Denial of Service in dialog plugin

high
7.5
First published (updated )
CVE-2022-24729

DrupalInput Validation

high
7.5
First published (updated )
CVE-2022-25271

composer/drupal/coreUnder some circumstances, the Drupal core JSON:API module does not properly restrict access to certa…

high
7.5
First published (updated )
CVE-2020-13677

Oracle Banking APIsHTML comments vulnerability allowing to execute JavaScript code

high
8.2
First published (updated )
CVE-2021-41165

Oracle Banking APIsAdvanced Content Filter (ACF) vulnerability allowing to execute JavaScript code using malformed HTML

high
8.2
First published (updated )
CVE-2021-41164

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Oracle Primavera GatewayXSS in `*Text` options of the Datepicker widget

high
7.2
First published (updated )
CVE-2021-41183

Oracle UnifierXSS in the `of` option of the `.position()` util

high
7.2
First published (updated )
CVE-2021-41184

Oracle UnifierXSS in the `altField` option of the Datepicker widget

high
7.2
First published (updated )
CVE-2021-41182

composer/drupal/drupalXSS

high
7.2
First published (updated )
CVE-2021-33829

Red Hat FedoraPEAR Archive_Tar Improper Link Resolution Vulnerability

high
7.5
Exploited
First published (updated )
CVE-2020-36193

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203