Filter
AND

Versions

7.0
89
6.0
73
7.0-alpha1
55
7.0-alpha2
55
7.0-alpha3
55
7.0-alpha4
55
7.0-alpha5
55
7.0-alpha6
55
7.0-alpha7
55
7.0-dev
55
7.1
55
7.2
55
6.1
54
6.2
54
7.0-beta1
54
7.0-beta2
54
7.0-beta3
54
7.0-rc1
54
7.0-rc2
54
7.0-rc3
54
7.0-rc4
54
7.10
54
6.3
52
7.3
52
7.4
52
7.11
51
7.12
51
7.5
50
7.6
50
7.7
50
7.8
50
7.9
50
5.0
49
7.13
48
6.4
47
7.14
46
6.5
45
7.15
44
6.0-beta2
43
6.0-beta3
43
6.0-beta4
43
6.10
43
6.6
43
6.0-beta1
42
7.16
42
7.17
42
6.11
41
6.7
41
6.8
41
6.12
40
6.14
40
6.9
40
7.18
40
6.13
39
7.x-dev
39
6.15
38
6.0-dev
37
6.16
37
6.17
37
7.19
37
6.0-rc1
36
6.0-rc2
36
6.0-rc3
36
6.0-rc4
36
7.20
36
7.21
36
7.22
36
7.23
36
8.0.0
34
6.20
32
6.18
31
7.24
31
6.19
30
6.21
30
6.22
30
5.1
29
6.23
29
7.25
29
7.26
29
7.27
29
7.28
29
6.24
28
6.25
27
6.26
27
5.2
26
7.29
25
7.30
25
6.27
24
4.6.1
23
5.4
23
5.3
22
6.28
22
7.33
22
7.34
22
4.6.0
21
5.7
20
7.35
20
7.36
20
7.37
20
4.6.2
19
4.6.3
19
6.29
19
6.30
19
6.31
19
5.5
18
5.6
18
5.8
18
5.9
18
4.5.1
17
5.10
17
6.32
17
4.5.2
16
4.6.4
16
7.38
16
8.9.0
16
4.5.3
15
4.6.5
15
4.7.0
15
4.6
14
4.6.6
14
4.7.1
14
6.33
14
6.34
14
8.8.0
14
9.0.0
14
4.7.2
13
5.11
13
9.2.0
13
9.3.0
13
4.6.7
12
6.35
12
7.31
12
7.32
12
8.0.1
12
8.0.2
12
8.0.3
12
4.5.4
11
4.5.5
11
4.6.8
11
4.7
11
4.7.3
11
5.12
11
5.1_rev1.1
11
6.36
11
7.40
11
8.5.0
11
4.5.0
10
5.0-beta1
10
5.0-beta2
10
5.0-rc1
10
5.0-rc2
10
7.41
10
8.0.0-alpha10
10
8.0.0-alpha11
10
8.0.0-alpha12
10
8.0.0-alpha13
10
8.0.0-alpha14
10
8.0.0-alpha15
10
8.0.0-alpha2
10
8.0.0-alpha3
10
8.0.0-alpha4
10
8.0.0-alpha5
10
8.0.0-alpha6
10
8.0.0-alpha7
10
8.0.0-alpha8
10
8.0.0-alpha9
10
8.0.0-beta1
10
8.0.0-beta10
10
8.0.0-beta11
10
8.0.0-beta12
10
8.0.0-beta13
10
8.0.0-beta14
10
8.0.0-beta15
10
8.0.0-beta16
10
8.0.0-beta2
10
8.0.0-beta3
10
8.0.0-beta4
10
8.0.0-beta6
10
8.0.0-beta7
10
8.0.0-beta9
10
8.0.0-rc1
10
8.0.0-rc2
10
8.0.0-rc3
10
8.0.0-rc4
10
4.6.9
9
5.13
9
5.14
9
5.15
9
5.16
9
7.42
9
8.0.4
9
8.0.5
9
8.0.6
9
8.1.0
9
8.1.0-beta1
9
8.1.0-beta2
9
8.1.0-rc1
9
8.1.1
9
8.1.2
9
8.6.0
9
9.1.0
9
4.4.1
8
4.4.2
8
4.5
8
4.5.6
8
4.7.4
8
5.5.
8
6.0-rc-1
8
6.0-rc-2
8
6.0-rc-3
8
6.0-rc-4
8
6.37
8
8.1.3
8
8.1.4
8
8.1.5
8
8.1.6
8
8.1.7
8
8.1.8
8
8.1.9
8
4.5.7
7
4.7.5
7
4.7.6
7
8.2.0
7
8.2.0-beta1
7
8.2.0-beta2
7
8.2.0-beta3
7
8.2.0-rc1
7
8.2.0-rc2
7
8.2.1
7
4.0.0
6
4.6.10
6
8.2.2
6
8.4.0
6
8.7.0
6
4.1.0
5
4.2.0_rc
5
4.4.0
5
4.4.3
5
4.5.8
5
4.6.11
5
4.7.7
5
4.7.8
5
5.17
5
5.18
5
5.19
5
5.20
5
8.1.10
5
9.4.0
5
4.4
4
4.7.10
4
4.7.9
4
4.7_rev1.15
4
4.7_rev_1.15
4
4.7_rev_1.2
4
5.0-dev
4
5.21
4
5.22
4
7.39
4
7.43
4
8.2.3
3
8.2.4
3
8.2.5
3
8.2.6
3
4.0
2
5.23
2
5.x-dev
2
7.44
2
7.50
2
7.51
2
9.4.0-alpha1
2
9.4.0-beta1
2
9.4.0-rc1
2
10.0
1
10.0.0
1
10.1.0
1
2023-05-09
1
4.7_revision_1.2
1
6
1
6-beta1
1
6.x-dev
1
7.0.0
1
7.57
1
7.70
1
7.82
1
7.x-1.0
1
7.x-1.0-rc1
1
7.x-1.0-rc2
1
7.x-1.1
1
7.x-1.2
1
7.x-1.3
1
7.x-1.4
1
8.0-alpha10
1
8.0-alpha11
1
8.0-alpha12
1
8.0-alpha13
1
8.0-alpha14
1
8.0-alpha15
1
8.0-alpha2
1
8.0-alpha3
1
8.0-alpha4
1

composer/drupal/corecore/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) …

First published (updated )

composer/drupal/coreDrupal contains a vulnerability with improper handling of structural elements. If this vulnerability…

7.5
EPSS
0.05%
First published (updated )

Drupal DrupalDrupal core - Critical - Cache poisoning - SA-CORE-2023-006

7.5
First published (updated )

Drupal DrupalThe file download facility doesn't sufficiently sanitize file paths in certain situations. This may …

First published (updated )

Drupal DrupalXSS

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Drupal DrupalDrupal 9.3 implemented a generic entity access API for entity revisions. However, this API was not c…

First published (updated )

Drupal DrupalInput Validation

7.5
First published (updated )

Symfony TwigTwig may load a template outside a configured directory when using the filesystem loader

7.5
First published (updated )

composer/drupal/coreMalicious File Upload

7.2
First published (updated )

composer/drupal/coreDrupal core - Moderately critical - Information Disclosure - SA-CORE-2022-012

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

composer/drupal/coreDrupal core - Moderately critical - Access Bypass - SA-CORE-2022-013

First published (updated )

Drupal DrupalFailure to strip the Cookie header on change in host or HTTP downgrade in Guzzle

7.5
First published (updated )

Drupal DrupalFix failure to strip Authorization header on HTTP downgrade in Guzzle

7.5
First published (updated )

composer/guzzlehttp/guzzleCross-domain cookie leakage in Guzzle

8.1
First published (updated )

composer/guzzlehttp/psr7Improper Input Validation in guzzlehttp/psr7

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle Financial Services Analytical Applications InfrastructureCross-site Scripting in CKEditor4

First published (updated )

Oracle Financial Services Analytical Applications InfrastructureRegular expression Denial of Service in dialog plugin

7.5
First published (updated )

Drupal DrupalThe Quick Edit module does not properly check entity access in some circumstances. This could result…

First published (updated )

Drupal DrupalInput Validation

7.5
First published (updated )

composer/drupal/coreUnder some circumstances, the Drupal core JSON:API module does not properly restrict access to certa…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

composer/drupal/coreThe QuickEdit module does not properly check access to fields in some circumstances, which can lead …

First published (updated )

Drupal DrupalCSRF

First published (updated )

Drupal DrupalMalicious File Upload

First published (updated )

Drupal DrupalDrupal core - Moderately critical - Cross site scripting - SA-CORE-2022-002

First published (updated )

Oracle Banking ApisHTML comments vulnerability allowing to execute JavaScript code

8.2
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle Banking ApisAdvanced Content Filter (ACF) vulnerability allowing to execute JavaScript code using malformed HTML

8.2
First published (updated )

Oracle Primavera GatewayXSS in `*Text` options of the Datepicker widget

7.2
First published (updated )

Oracle Primavera UnifierXSS in the `of` option of the `.position()` util

7.2
First published (updated )

Oracle Primavera UnifierXSS in the `altField` option of the Datepicker widget

7.2
First published (updated )

Drupal DrupalXSS

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203