Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Improper Input ValidationCVE-2012-1589
Affects drupal7 | Versions <7.14-1
Has fix
debian:8Published 18 May 2012
  • M
Improper Input ValidationCVE-2012-1589
Affects drupal7 | Versions <7.14-1
Has fix
debian:9Published 18 May 2012
  • L
Cross-site Request Forgery (CSRF)CVE-2007-6752
Affects drupal7 | Versions *
No fix available
ubuntu:16.04Published 28 Mar 2012
  • L
Cross-site Request Forgery (CSRF)CVE-2007-6752
Affects drupal7 | Versions *
No fix available
ubuntu:14.04Published 28 Mar 2012
  • M
Cross-site Request Forgery (CSRF)CVE-2007-6752
Affects drupal7 | Versions *
No fix available
debian:8Published 28 Mar 2012
  • L
Cross-site Request Forgery (CSRF)CVE-2007-6752
Affects drupal7 | Versions *
No fix available
debian:9Published 28 Mar 2012
  • H
Access Restriction BypassCVE-2011-2687
Affects drupal7 | Versions <7.2-1
Has fix
debian:8Published 27 Jul 2011
  • H
Access Restriction BypassCVE-2011-2687
Affects drupal7 | Versions <7.2-1
Has fix
debian:9Published 27 Jul 2011
  • M
Cross-site Scripting (XSS)
Affects drupal/bootstrap | Versions >=3.0.0, <3.14.0
Has fix
ComposerPublished 21 May 2019
  • L
User Interface (UI) Misrepresentation of Critical InformationCVE-2025-13082
Affects drupal/core | Versions >=8.0.0, <10.4.9>=10.5.0, <10.5.6>=11.0.0, <11.1.9>=11.2.0, <11.2.8
Has fix
ComposerPublished 20 Nov 2025
  • L
Use of Web Browser Cache Containing Sensitive InformationCVE-2025-13083
Affects drupal/core | Versions >=8.0.0, <10.4.9>=10.5.0, <10.5.6>=11.0.0, <11.1.9>=11.2.0, <11.2.8
Has fix
ComposerPublished 20 Nov 2025
  • H
Deserialization of Untrusted DataCVE-2025-13081
Affects drupal/core | Versions >=8.0.0, <10.4.9>=10.5.0, <10.5.6>=11.0.0, <11.1.9>=11.2.0, <11.2.8
Has fix
ComposerPublished 20 Nov 2025
  • M
Improper Check for Unusual or Exceptional ConditionsCVE-2025-13080
Affects drupal/core | Versions >=8.0.0, <10.4.9>=10.5.0, <10.5.6>=11.0.0, <11.1.9>=11.2.0, <11.2.8
Has fix
ComposerPublished 20 Nov 2025
  • M
Incorrect AuthorizationCVE-2025-31673
Affects drupal/core | Versions <10.3.13>=10.4.0, <10.4.3>=11.0.0, <11.0.12>=11.1.0, <11.1.3
Has fix
ComposerPublished 6 Apr 2025
  • M
Cross-site Scripting (XSS)CVE-2025-31675
Affects drupal/core | Versions <10.3.14>=10.4.0, <10.4.5>=11.0.0, <11.0.13>=11.1.0, <11.1.5
Has fix
ComposerPublished 6 Apr 2025
  • L
Improperly Controlled Modification of Dynamically-Determined Object AttributesCVE-2025-31674
Affects drupal/core | Versions <10.3.13>=10.4.0, <10.4.3>=11.0.0, <11.0.12>=11.1.0, <11.1.3
Has fix
ComposerPublished 6 Apr 2025
  • M
Cross-site Scripting (XSS)CVE-2025-3057
Affects drupal/core | Versions <10.3.13>=10.4.0, <10.4.3>=11.0.0, <11.0.12>=11.1.0, <11.1.3
Has fix
ComposerPublished 6 Apr 2025
  • C
Improperly Controlled Modification of Dynamically-Determined Object AttributesCVE-2024-55638
Affects drupal/core | Versions >=8.8.0, <10.2.11>=10.3.0, <10.3.9
Has fix
ComposerPublished 10 Dec 2024
  • C
Improperly Controlled Modification of Dynamically-Determined Object AttributesCVE-2024-55636
Affects drupal/core | Versions >=8.8.0, <10.2.11>=10.3.0, <10.3.9>=11.0.0, <11.0.8
Has fix
ComposerPublished 10 Dec 2024
  • C
Improperly Controlled Modification of Dynamically-Determined Object AttributesCVE-2024-55637
Affects drupal/core | Versions >=8.8.0, <10.2.11>=10.3.0, <10.3.9>=11.0.0, <11.0.8
Has fix
ComposerPublished 10 Dec 2024
  • H
Improper Handling of Case SensitivityCVE-2024-55634
Affects drupal/core | Versions >=8.8.0, <10.2.11>=10.3.0, <10.3.9>=11.0.0, <11.0.8
Has fix
ComposerPublished 10 Dec 2024
  • M
Cross-site Scripting (XSS)CVE-2024-12393
Affects drupal/core | Versions >=8.8.0, <10.2.11>=10.3.0, <10.3.9>=11.0.0, <11.0.8
Has fix
ComposerPublished 10 Dec 2024
  • H
Infinite loopCVE-2024-11941
Affects drupal/core | Versions >=10.1.0, <10.1.8>=10.2.0, <10.2.2
Has fix
ComposerPublished 6 Dec 2024
  • H
Detection of Error Condition Without ActionCVE-2024-11942
Affects drupal/core | Versions >=10.0.0, <10.2.10
Has fix
ComposerPublished 6 Dec 2024
  • M
Information ExposureCVE-2024-45440
Affects drupal/core | Versions >=8.0.0, <10.2.9>=10.3.0, <10.3.6>=11.0.0, <11.0.5
Has fix
ComposerPublished 30 Aug 2024
  • H
Denial of Service (DoS)
Affects drupal/core | Versions >=10.1.0, <10.1.8>=10.2.0, <10.2.2
Has fix
ComposerPublished 26 Apr 2024
  • M
Cross-site Scripting (XSS)CVE-2020-13688
Affects drupal/core | Versions <8.8.10>=8.9.0, <8.9.6>=9.0.0, <9.0.6
Has fix
ComposerPublished 24 Apr 2024
  • M
URL Redirection to Untrusted Site ('Open Redirect')CVE-2016-9451
Affects drupal/core | Versions <8.2.3
Has fix
ComposerPublished 24 Apr 2024
  • H
Improper Handling of Structural Elements Leading to Denial of Service (DoS)CVE-2024-22362
Affects drupal/core | Versions <10.0.0
Has fix
ComposerPublished 16 Jan 2024
  • M
Information ExposureCVE-2023-5256
Affects drupal/core | Versions >=8.7.0, <9.5.11>=10.0.0, <10.0.11>=10.1.0, <10.1.4
Has fix
ComposerPublished 29 Sept 2023