Filter
AND
AND

composer/drupal/coreDrupal Core Remote Code Execution Vulnerability

First published (updated )

composer/drupal/coreEntity access bypass for entities that do not have UUIDs or have protected revisions.

First published (updated )

composer/drupal/coreCode Injection

First published (updated )

Drupal DrupalMalicious File Upload

First published (updated )

composer/guzzlehttp/guzzleEnvironment Variable Injection

8.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Drupal DrupalRemote code execution

8.1
First published (updated )

Drupal DrupalFile upload access bypass and denial of service

8.1
First published (updated )

Fedoraproject FedoraPEAR Archive_Tar Deserialization of Untrusted Data Vulnerability

First published (updated )

Fedoraproject FedoraLast updated 3 September 2024

7.8
First published (updated )

composer/drupal/coreUnder some circumstances, the Drupal core JSON:API module does not properly restrict access to certa…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

composer/drupal/coreDrupal core - Moderately critical - Information Disclosure - SA-CORE-2022-012

7.5
First published (updated )

Drupal DrupalIncorrect cache context on password reset page

7.5
First published (updated )

Drupal DrupalAccess bypass

7.5
First published (updated )

Symfony TwigTwig may load a template outside a configured directory when using the filesystem loader

7.5
First published (updated )

composer/guzzlehttp/psr7Improper Input Validation in guzzlehttp/psr7

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Oracle Financial Services Analytical Applications InfrastructureRegular expression Denial of Service in dialog plugin

7.5
First published (updated )

Drupal DrupalInput Validation

7.5
First published (updated )

composer/drupal/coreREST API can bypass comment approval.

7.4
First published (updated )

Drupal DrupalOpen redirect via path manipulation

7.4
First published (updated )

composer/drupal/coreMalicious File Upload

7.2
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

composer/symfony/http-foundationCVE-2018-14773: Remove support for legacy and risky HTTP headers

First published (updated )

composer/drupal/coreFiles uploaded by anonymous users into a private file system can be accessed by other anonymous users

First published (updated )

composer/drupal/coreDrupal core - Moderately critical - Access Bypass - SA-CORE-2022-013

First published (updated )

composer/drupal/coreViews does not properly restrict access to the Ajax endpoint.

First published (updated )

Drupal DrupalInput Validation

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

composer/drupal/coreXSS

First published (updated )

composer/drupal/coreXSS

First published (updated )

Drupal DrupalXSS

First published (updated )

composer/drupal/coreInput Validation

First published (updated )

Oracle Financial Services Analytical Applications InfrastructureCross-site Scripting in CKEditor4

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203