Drupal Latest Vulnerabilities

December 10

Drupal Core Vulnerability Allows Object Injection Through Deserialization of Untrusted Data

CVE-2024-55636
Drupal

Deserialization of Untrusted Data Vulnerability Affects Drupal Core

CVE-2024-55637
Drupal

Drupal Core Vulnerability - XSS (Cross-Site Scripting)

CVE-2024-12393
DrupalDrupal Core

Privilege Escalation Vulnerability in Drupal Core

CVE-2024-55634
Drupal

Deserialization of Untrusted Data Vulnerability Affects Drupal Core

CVE-2024-55638
Drupal

December 5

Drupal Core Vulnerability Allows File Manipulation

CVE-2024-11942
DrupalDrupal Core

Excessive Allocation Vulnerability Affects Drupal Core

CVE-2024-11941
DrupalDrupal Core

August 29

File Path Disclosure Vulnerability in Drupal 11.x-dev

CVE-2024-45440
DrupalDrupal5.3MEDIUM

July 5

Drupal Wiki vulnerable to XSS via comments, captions, and image titles

CVE-2024-34481
DrupalDrupal Wiki6.1MEDIUM

September 28

Drupal core - Critical - Cache poisoning - SA-CORE-2023-006

CVE-2023-5256
DrupalCore7.5HIGH

May 1

Responsive Menus Configuration Setting responsive_menus.module responsive_menus_admin_form_submit cross site scripting

CVE-2018-25085
DrupalResponsive Menus2.4LOW

April 26

CVE-2022-25274
DrupalCore5.4MEDIUM

CVE-2023-31250
DrupalCore6.5MEDIUM

CVE-2022-25276
DrupalCore6.1MEDIUM

CVE-2022-25275
DrupalCore7.5HIGH

CVE-2022-25277
DrupalCore7.2HIGH

CVE-2022-25278
DrupalCore6.5MEDIUM

CVE-2022-25273
DrupalCore7.5HIGH

February 17

CVE-2022-25270
DrupalCore6.5MEDIUM

February 16

CVE-2022-25271
DrupalCore7.5HIGH

February 11

CVE-2020-13677
DrupalCore7.5HIGH

CVE-2020-13676
DrupalCore6.5MEDIUM

CVE-2020-13670
DrupalCore7.5HIGH

CVE-2020-13674
DrupalCore6.5MEDIUM

CVE-2020-13675
DrupalCore9.8CRITICAL

CVE-2020-13673
DrupalEntity Embed6.1MEDIUM

CVE-2020-13672
DrupalCore6.1MEDIUM

CVE-2020-13669
DrupalCore6.1MEDIUM

Access bypass in Drupal Core 8/9

CVE-2020-13668
DrupalCore6.1MEDIUM

June 11

CVE-2020-13688
DrupalDrupal Core6.1MEDIUM

CVE-2020-13663
DrupalDrupal Core8.8HIGH

May 17

CVE-2020-13667
DrupalDrupal Core5.3MEDIUM

May 5

CVE-2020-13664
DrupalDrupal Core8.8HIGH

CVE-2020-13662
DrupalDrupal Core6.1MEDIUM

CVE-2020-13665
DrupalDrupal Core9.8CRITICAL

CVE-2020-13666
DrupalDrupal Core6.1MEDIUM

December 17

CVE-2020-35191
DrupalDrupal Docker Images👾9.8CRITICAL

November 20

CVE-2020-13671
DrupalDrupal Core👾8.8HIGH

May 28

Drupal core - Critical - Access bypass - SA-CORE-2019-008

CVE-2019-6342
DrupalDrupal Core9.8CRITICAL

February 18

CVE-2013-4226
DrupalAuthenticated User Pag...6.5MEDIUM

January 14

CVE-2011-2715
DrupalData-module9.8CRITICAL

CVE-2011-2714
DrupalData-module6.1MEDIUM

December 16

CVE-2019-19826
DrupalViews Dynamic Field8.1HIGH

November 11

CVE-2019-18856
DrupalSvg Sanitizer7.5HIGH

November 6

CVE-2010-2471
DrupalDrupal66.1MEDIUM

March 26

Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-004

CVE-2019-6341
DrupalDrupal Core5.4MEDIUM

February 21

Drupal core - Highly critical - Remote Code Execution

CVE-2019-6340
DrupalDrupal Core👾8.1HIGH

January 22

Access bypass in Drupal 8 views

CVE-2017-6923
DrupalDrupal Core6.5MEDIUM

third-party PEAR Archive_Tar library updates

CVE-2019-6338
DrupalDrupal Core8HIGH

Files uploaded by anonymous users into a private file system can be accessed by other anonymous users

CVE-2017-6922
DrupalDrupal Core6.5MEDIUM

PHAR stream wrapper Arbitrary PHP code execution

CVE-2019-6339
DrupalDrupal Core👾9.8CRITICAL

January 15

File REST resource does not properly validate

CVE-2017-6921
DrupalDrupal Core5.9MEDIUM

Search Autocomplete

CVE-2018-7603
Drupal3rd Party Module - Sea...6.1MEDIUM

REST API can bypass comment approval - Access Bypass - Moderately Critical

CVE-2017-6924
DrupalDrupal Core7.4HIGH

CVE-2017-6925
DrupalDrupal9.8CRITICAL

July 19

Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-004

CVE-2018-7602
DrupalCore👾9.8CRITICAL

March 29

CVE-2014-5170
DrupalStorage Api9.8CRITICAL

CVE-2018-7600
DrupalDrupal Before 7.58, 8....👾9.8CRITICAL

October 18

CVE-2015-7943
DrupalDrupal6.1MEDIUM

September 13

CVE-2015-7880
DrupalDrupal4.3MEDIUM

CVE-2015-2750
DrupalDrupal6.1MEDIUM

CVE-2015-2749
DrupalDrupal6.1MEDIUM

April 20

CVE-2017-6919
DrupalDrupal7.5HIGH

March 16

CVE-2017-6379
DrupalDrupal Core7.5HIGH

CVE-2017-6377
DrupalDrupal Core7.5HIGH

CVE-2017-6381
DrupalDrupal Core8.1HIGH

November 25

CVE-2016-9452
DrupalDrupal6.5MEDIUM

CVE-2016-9451
DrupalDrupal6.8MEDIUM

CVE-2016-9449
DrupalDrupal4.3MEDIUM

CVE-2016-9450
DrupalDrupal7.5HIGH

October 3

CVE-2016-7570
DrupalDrupal4.3MEDIUM

CVE-2016-7572
DrupalDrupal4.3MEDIUM

CVE-2016-7571
DrupalDrupal6.1MEDIUM

September 9

CVE-2016-6212
DrupalDrupal5.3MEDIUM

CVE-2016-6211
DrupalDrupal8.8HIGH

April 12

CVE-2016-3168
DrupalDrupal6.4MEDIUM

CVE-2016-3171
DrupalDrupal8.1HIGH

CVE-2016-3167
DrupalDrupal7.4HIGH

CVE-2016-3162
DrupalDrupal8.1HIGH

CVE-2016-3165
DrupalDrupal7.5HIGH

CVE-2016-3164
DrupalDrupal7.4HIGH

August 24

CVE-2015-6660
DrupalDrupal

CVE-2015-6658
DrupalDrupal

CVE-2015-6661
DrupalDrupal

CVE-2015-6659
DrupalDrupal

June 22

CVE-2015-3231
DrupalDrupal

CVE-2015-3232
DrupalDrupal

CVE-2015-3234
DrupalDrupal

CVE-2015-3233
DrupalDrupal

November 24

CVE-2014-9016
DrupalDrupal👾

CVE-2014-9015
DrupalDrupal

November 12

CVE-2014-8734
DrupalOrganic Groups Menu

October 22

CVE-2013-7407
DrupalMrbs Module

October 16

CVE-2014-8296
DrupalModal Frame

CVE-2014-3704
DrupalDrupal👾

October 14

CVE-2014-8765
DrupalProject Issue File Review

October 13

CVE-2014-8748
DrupalDoubleclick For Publis...

CVE-2014-8744
DrupalNivo Slider

CVE-2014-8743
DrupalMaestro

CVE-2014-8747
DrupalCommons