Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
packagist drupal/core Security Advisories
Loading...
Critical
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: 3 days ago
GSA_kwCzR0hTQS0yOTd4LWo5cG0teGpnZ84AA7QY
Drupal Core Remote Code Execution VulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: 3 days ago
Moderate
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
GSA_kwCzR0hTQS02Y2N2LThmZ2YtY2pwd84AA5Og
Drupal core Denial of Service vulnerabilityEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 months ago
Moderate
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
GSA_kwCzR0hTQS02MmNmLWp2cHAtNDhxNs4AA4du
Drupal Denial of Service vulnerabilityEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 3 months ago
Critical
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: 4 months ago
GSA_kwCzR0hTQS14cTYyLTYyYzktMjJtZ84AA4Y2
Drupal Improper Access ControlEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: 4 months ago
Critical
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS1yanFnLTNoOW0tZng1eM4AA2IQ
Cache poisoning in drupal/coreEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
Critical
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS04ODQ5LWN2OWYtdmNjbc4AAy-9
Access bypass in Drupal coreEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
High
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: about 1 year ago
GSA_kwCzR0hTQS1nMzZoLTRqcjYtcW1tOc4AAy-o
Improper input validation in Drupal coreEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: about 1 year ago
Moderate
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: about 1 year ago
GSA_kwCzR0hTQS00d2ZxLWpjOWgtdnBjeM4AAy-i
Lack of domain validation in Druple coreEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: about 1 year ago
Moderate
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: about 1 year ago
GSA_kwCzR0hTQS03anI0LWhncXgtdndncc4AAy-k
Access bypass in Drupal coreEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: about 1 year ago
Moderate
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: about 1 year ago
GSA_kwCzR0hTQS1jZmgyLTdmNmgtM204Nc4AAy8f
Access bypass in Drupal CoreEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: about 1 year ago
High
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: over 1 year ago
GSA_kwCzR0hTQS02OTU1LTY3aG0tdmpqcc4AAt2o
Drupal core arbitrary PHP code executionEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 26.8
Published: over 1 year ago
High
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: over 1 year ago
GSA_kwCzR0hTQS14aDN2LTZmOWotd3h3M84AAt2d
Drupal core Information Disclosure vulnerabilityEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: over 1 year ago
Moderate
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 2 years ago
GSA_kwCzR0hTQS1xZjJnLW1ycngtcnI1cM4AAo0h
Drupal Core Cross-site scripting vulnerabilityEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1tNjQ4LWhwZjgtcWNqd84AAozw
Drupal Core Cross-Site Request Forgery (CSRF) vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: almost 2 years ago
GSA_kwCzR0hTQS14MnE5LXI4Z20tZjY1N84AAohb
Drupal Core Access bypass vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 2 years ago
GSA_kwCzR0hTQS04amoyLXgyZ2MtZ2dtN84AAoX_
Drupal Core Cross-site scripting vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: almost 2 years ago
GSA_kwCzR0hTQS13eHFwLWp3YzktZzM5eM4AAoYB
Drupal Core Access bypass vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: almost 2 years ago
GSA_kwCzR0hTQS14NzJmLWdnanctdjV4aM4AAoYA
Drupal Core Arbitrary PHP code execution vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 2 years ago
GSA_kwCzR0hTQS1nanFnLTlyaHYtcWo2N84AAoX9
Drupal Core Open Redirect vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: almost 2 years ago
GSA_kwCzR0hTQS1jbW1oLThtd3AtZ3E1cM4AAiGR
Drupal Cross Site Scripting (XSS) vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 20.1
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05NnZ4LXFmMjgtNmY4bc4AAdq5
Drupal Access Control BypassEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: drupal/core, drupal/drupal
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: almost 2 years ago
GSA_kwCzR0hTQS04MzZwLTZwNGotMzVjZ84AAdZS
Drupal Open RedirectEcosystems: packagist
Packages: drupal/core, drupal/drupal
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1mZzVxLXIycTUtcW1oM84AAdZQ
Drupal CRLF injection vulnerability in the drupal_set_header functionEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1xM3A5LTg3Mjgtd3E3eM4AAdZM
Drupal saving user accounts can sometimes grant the user all rolesEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: almost 2 years ago
GSA_kwCzR0hTQS00Z2g1LTNocWoteDNwas4AAdZP
Drupal Form API ignores access restrictions on submit buttonsEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 23.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1xcXhjLWNwcGctNHhwOM4AAdYz
Drupal Reflected file download vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 23.8
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1neHd4LWM3bTgtZjk1aM4AAdYo
Drupal Open redirect vulnerability in the drupal_goto functionEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: almost 2 years ago
GSA_kwCzR0hTQS13MnBqLWM4eDUtanZnMs4AAdXp
Drupal File upload access bypass and denial of serviceEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: almost 2 years ago
GSA_kwCzR0hTQS02OWc4LWc5anEtNzR2N84AAdW6
Drupal arbitrary code executionEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/core, drupal/drupal
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: almost 2 years ago
GSA_kwCzR0hTQS02ZzloLTZ2NzktdzRwY84AAdKR
Drupal Users without "Administer comments" can set comment visibility on nodes they can editEcosystems: packagist
Packages: drupal/core, drupal/drupal
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1mbXFoLTJqMngtdmdwM84AAdKO
Drupal Unprivileged access to config exportEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 2 years ago
GSA_kwCzR0hTQS12aGc4LXg4NTgtN3dxNs4AAdKN
Drupal Cross-site scripting (XSS) vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: almost 2 years ago
GSA_kwCzR0hTQS1yZnh4LWd4d2MtOTIzY84AAc9H
Drupal Views can allow unauthorized users to see Statistics informationEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1qcGo4LTQ5aHItd2N3ds4AAc7N
Drupal Denial of service via transliterate mechanismEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: almost 2 years ago
GSA_kwCzR0hTQS05OHc1LXdxcDktdzQ2Ns4AAc69
Drupal Incorrect cache context on password reset pageEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: almost 2 years ago
GSA_kwCzR0hTQS02NmdyLXhyY2YtOGpwcc4AAcG9
Drupal Open RedirectEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 25.3
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wNzQ1LTM0N2gtaGpmd84AAcG_
Drupal sensitive information disclosureEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 16.0
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 2 years ago
GSA_kwCzR0hTQS01dnByLXYyNHctbW1qas4AAXNU
Drupal cross site scripting vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: almost 2 years ago
GSA_kwCzR0hTQS13bTg2LXczY2YtaDZ2bc4AAXNG
Drupal external link injection vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 17.5
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 2 years ago
GSA_kwCzR0hTQS01ODVqLTU0NDktbWY1bc4AAXMs
Drupal cross-site scripting vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: almost 2 years ago
GSA_kwCzR0hTQS0ycDI4LTVtdnAtMmoycs4AAXMk
Drupal Comment reply form allows access to restricted contentEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: almost 2 years ago
GSA_kwCzR0hTQS05YzI0LWczMmctMzVyas4AAWPD
Drupal PECL YAML parser unsafe object handlingEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: almost 2 years ago
GSA_kwCzR0hTQS03Zmg5LTkzM2ctODg1cM4AAUGf
Drupal Core Remote Code Execution VulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: almost 2 years ago
Moderate
Ecosystems: packagist, npm
Packages: drupal/drupal, ckeditor-dev, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: almost 2 years ago
GSA_kwCzR0hTQS1nNzhoLXBmNjUtNDZyds4AATTf
Enhanced Image plugin for CKEditor is vulnerable to Cross-site scripting (XSS)Ecosystems: packagist, npm
Packages: drupal/drupal, ckeditor-dev, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: almost 2 years ago
GSA_kwCzR0hTQS03ZmZoLWNqdmctZnByNM4AASZT
Drupal Settings Tray access bypassEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: almost 2 years ago
GSA_kwCzR0hTQS02Nm12LXE4cjItaGo4d84AASZx
Drupal access bypass vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 19.7
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: almost 2 years ago
GSA_kwCzR0hTQS0zMzI3LWpyOTMtN2hxM84AASZL
Drupal access bypass vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: almost 2 years ago
Critical
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1mNHF4LWpxZnEtNzc4Nc4AASZQ
Drupal Entity access bypass for entities that do not have UUIDs or have protected revisionsEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1yaHg5LTNxZjctcjNqN84AASYD
Drupal Remote code executionEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: almost 2 years ago
GSA_kwCzR0hTQS13N3F4LXZ3cjktMmozcs4AASX9
Drupal editor module incorrectly checks access to inline private filesEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oMzc3LTI4N20tdzJyOc4AARY1
Drupal file REST resource does not properly validateEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.0
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: almost 2 years ago
GSA_kwCzR0hTQS01OGYzLWN4OHAtaDhqZ84AARYs
Drupal core access bypass vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: almost 2 years ago
GSA_kwCzR0hTQS1wOGc2LTVtZzctOXI1cc4AARZN
Drupal REST API can bypass comment approvalEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.6
Published: almost 2 years ago
High
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: almost 2 years ago
GSA_kwCzR0hTQS0zZ3g2LWg1N2gtcm0yN84AAQKY
Drupal Core Remote Code Execution VulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 30.2
Published: almost 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: about 2 years ago
GSA_kwCzR0hTQS1xcDhxLWd3ZjUtaHFoMs0_SQ
Drupal Cross-Site Scripting vulnerabilityEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: about 2 years ago
High
Ecosystems: packagist
Packages: typo3/cms, drupal/drupal, bugsnag/bugsnag-laravel, amphp/artax, padraic/humbug_get_contents, drupal/core, guzzlehttp/guzzle
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: about 2 years ago
GSA_kwCzR0hTQS1tNmNoLWdnNWYtd3h4M805QQ
HTTP Proxy header vulnerabilityEcosystems: packagist
Packages: typo3/cms, drupal/drupal, bugsnag/bugsnag-laravel, amphp/artax, padraic/humbug_get_contents, drupal/core, guzzlehttp/guzzle
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: about 2 years ago
High
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: about 2 years ago
GSA_kwCzR0hTQS1mbWZ2LXg4bXAtNTc2N80s5g
Improper input validation in Drupal coreEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: about 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: about 2 years ago
GSA_kwCzR0hTQS03M3E0LWozMjQtMnFjY80s4w
Incorrect authorization in Drupal coreEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: about 2 years ago
High
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: about 2 years ago
GSA_kwCzR0hTQS1tbWpyLTVxNzQtcDNtNM0rRQ
Exposure of Resource to Wrong Sphere in Drupal CoreEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: about 2 years ago
Critical
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: about 2 years ago
GSA_kwCzR0hTQS12OHdyLXI2OXAtbW13eM0rQw
Unrestricted Upload of File with Dangerous Type in Drupal coreEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: about 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: about 2 years ago
GSA_kwCzR0hTQS1tNnE1LXd2NHgtZnY2aM0rRw
Cross-site Scripting in Drupal CoreEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: about 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: about 2 years ago
GSA_kwCzR0hTQS1qNTg2LWNqNjctdmc0cM0rQg
Cross-Site Request Forgery in Drupal coreEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: about 2 years ago
High
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: about 2 years ago
GSA_kwCzR0hTQS0zeHIzLXBoanAtZzZwMs0rPA
Drupal core access bypass vulnerabilityEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 27.9
Published: about 2 years ago
Moderate
Ecosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: about 2 years ago
GSA_kwCzR0hTQS1xZmhnLW02cjgteHhwas0rPw
Incorrect Authorization in Drupal coreEcosystems: packagist
Packages: drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: about 2 years ago
Critical
Ecosystems: packagist
Packages: drupal/core, drupal/drupal
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: over 2 years ago
GSA_kwCzR0hTQS04Y3c1LXJ2OTgtNWM0Ns0g-A
Arbitrary PHP code execution in DrupalEcosystems: packagist
Packages: drupal/core, drupal/drupal
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: over 2 years ago
High
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: over 2 years ago
GSA_kwCzR0hTQS02OGpjLXYyN2gtdmhtd80WbQ
Drupal core Unrestricted Upload of File with Dangerous TypeEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 32.8
Published: over 2 years ago
Critical
Ecosystems: packagist
Packages: drupal/drupal, drupal/core, typo3/phar-stream-wrapper
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: over 2 years ago
GSA_kwCzR0hTQS14djd2LXJmNmcteHdyY80WEA
Directory Traversal in typo3/phar-stream-wrapperEcosystems: packagist
Packages: drupal/drupal, drupal/core, typo3/phar-stream-wrapper
Source: GitHub Advisory Database
Blast Radius: 36.5
Published: over 2 years ago
Moderate
Ecosystems: packagist, npm
Packages: drupal/drupal, drupal/core, ckeditor4
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJneDYtcmpqNC1jMzg4
ckeditor4 vulnerable to cross-site scriptingEcosystems: packagist, npm
Packages: drupal/drupal, drupal/core, ckeditor4
Source: GitHub Advisory Database
Blast Radius: 39.4
Published: almost 3 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core, symfony/symfony, symfony/framework-bundle
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc5OTYtcTVyOC13N2cy
Symfony Cross-site Scripting (XSS) vulnerabilityEcosystems: packagist
Packages: drupal/drupal, drupal/core, symfony/symfony, symfony/framework-bundle
Source: GitHub Advisory Database
Blast Radius: 25.8
Published: over 4 years ago
Moderate
Ecosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYzZjYtZjI5Zi1yZ3Zw
Missing Authorization in DrupalEcosystems: packagist
Packages: drupal/drupal, drupal/core
Source: GitHub Advisory Database
Blast Radius: 24.2
Published: over 4 years ago
Statistics
Advisories: 18,151
Packages: 8,242
Repositories: 7
Ecosystems: 12
Packages: 8,242
Repositories: 7
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
moodle/moodle
318
magento/community-edition
182
pimcore/pimcore
116
dolibarr/dolibarr
105
typo3/cms
102
microweber/microweber
91
phpmyadmin/phpmyadmin
91
typo3/cms-core
73
thorsten/phpmyfaq
70
drupal/core
70
drupal/drupal
56
librenms/librenms
54
symfony/symfony
53
concrete5/concrete5
52
shopware/platform
48
baserproject/basercms
43
showdoc/showdoc
40
craftcms/cms
40
intelliants/subrion
40
nilsteampassnet/teampass
37
froxlor/froxlor
36
shopware/core
36
silverstripe/framework
32
snipe/snipe-it
32
mautic/core
28
centreon/centreon
27
shopware/shopware
27
getgrav/grav
27
magento/core
24
prestashop/prestashop
24
pocketmine/pocketmine-mp
23
remdex/livehelperchat
23
grumpydictator/firefly-iii
22
getkirby/cms
22
contao/core-bundle
21
contao/contao
18
tribalsystems/zenario
18
forkcms/forkcms
18
cakephp/cakephp
17
symfony/security
17
genix/cms
17
cockpit-hq/cockpit
17
francoisjacquet/rosariosis
17
simplesamlphp/simplesamlphp
17
yetiforce/yetiforce-crm
16
topthink/framework
15
openmage/magento-lts
15
symfony/security-http
14
typo3/cms-backend
14
zendframework/zendframework1
14
ezsystems/ezpublish-kernel
14
ec-cube/ec-cube
14
phpmailer/phpmailer
14
smarty/smarty
14
elefant/cms
13
codeigniter4/framework
13
impresscms/impresscms
13
october/system
13
phpmyfaq/phpmyfaq
12
studio-42/elfinder
12
dompdf/dompdf
12
bolt/bolt
12
phpbb/phpbb
12
lavalite/cms
12
zendframework/zendframework
11
feehi/cms
11
feehi/feehicms
11
silverstripe/cms
11
pimcore/admin-ui-classic-bundle
10
admidio/admidio
10
opencart/opencart
10
pagekit/pagekit
10
wallabag/wallabag
10
ezsystems/ezplatform-kernel
10
sylius/sylius
10
wwbn/avideo
10
nukeviet/nukeviet
10
laravel/framework
10
TinyMCE
9
tinymce
9
tinymce/tinymce
9
alextselegidis/easyappointments
9
concrete5/core
9
kevinpapst/kimai2
9
october/october
9
ssddanbrown/bookstack
9
funadmin/funadmin
9
gilacms/gila
8
sulu/sulu
8
codiad/codiad
8
yiisoft/yii2
8
october/cms
8
facturascripts/facturascripts
8
pimcore/customer-management-framework-bundle
8
croogo/croogo
8
flarum/core
7
statamic/cms
7
symfony/http-foundation
7
silverstripe/graphql
7
silverstripe/admin
7
october/backend
7
symfony/http-kernel
6
composer/composer
6
yiisoft/yii2-dev
6
zoujingli/thinkadmin
6
bagisto/bagisto
6
guzzlehttp/guzzle
6
directmailteam/direct-mail
6
wpglobus/wpglobus
6
pterodactyl/panel
6
nystudio107/craft-seomatic
6
dweeves/magmi
6
contao/core
6
yourls/yourls
6
in2code/femanager
6
backdrop/backdrop
6
automad/automad
5
elgg/elgg
5
symfony/security-core
5
cachethq/cachet
5
gleez/cms
5
phpseclib/phpseclib
5
simplesamlphp/saml2
5
vrana/adminer
5
ezsystems/ezplatform-admin-ui
5
silverstripe/assets
5
thinkcmf/thinkcmf
5
phpxmlrpc/phpxmlrpc
5
billz/raspap-webgui
5
typo3/cms-install
5
oro/platform
5
anchorcms/anchor-cms
5
bottelet/flarepoint
5
pear/archive_tar
5
gugoan/economizzer
5
ibexa/core
5
oro/commerce
4
bytefury/crater
4
modx/revolution
4
appwrite/server-ce
4
evolutioncms/evolution
4
notrinos/notrinos-erp
4
shopware/storefront
4
phpservermon/phpservermon
4
wp-premium/gravityforms
4
pyrocms/pyrocms
4
magento/product-community-edition
4
bref/bref
4
typo3/cms-frontend
4
codeigniter4/shield
4
woocommerce/woocommerce
4
wintercms/winter
4
idno/known
4
spatie/browsershot
4
typo3/html-sanitizer
4
symfony/security-bundle
4
joomla/joomla-cms
3
prestashop/productcomments
3
processwire/processwire
3
quickapps/cms
3
mantisbt/mantisbt
3
phpoffice/phpspreadsheet
3
ckeditor4
3
joomla/framework
3
codeigniter/framework
3
symfony/form
3
illuminate/database
3
zencart/zencart
3
typo3/cms-form
3
qcubed/qcubed
3
verbb/comments
3
icecoder/icecoder
3
yiisoft/yii
3
flarum/framework
3
shopxo/shopxo
3
rudloff/alltube
3
enshrined/svg-sanitize
3
enhavo/enhavo-app
3
phenx/php-svg-lib
3
facade/ignition
3
tecnickcom/tcpdf
3
artesaos/seotools
3
sylius/resource-bundle
3
ezsystems/ezpublish-legacy
3
buddypress/buddypress
3
bbpress/bbpress
3
adodb/adodb-php
3
kimai/kimai
3
froala/wysiwyg-editor
3
limesurvey/limesurvey
3
apache-solr-for-typo3/solr
3
verot/class.upload.php
3
zendframework/zendopenid
3
zendframework/zendrest
3
zendframework/zendservice-audioscrobbler
3
uvdesk/community-skeleton
3
zendframework/zendservice-nirvanix
3
zendframework/zendservice-amazon
3
zendframework/zendservice-api
3
zendframework/zendservice-slideshare
3