Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Arbitrary File Upload		drupal/core<8.7.11>=8.8.0, <8.8.1Composer22 Dec 2019
  • C
Improper Access Control		drupal/core>=8.7.4, <8.7.5Composer18 Jul 2019
  • M
Cross-site Scripting (XSS)		drupal/core<8.5.15>=8.6.0, <8.6.15Composer24 Apr 2019
  • M
Arbitrary Code Execution		drupal/core<8.5.15>=8.6.0, <8.6.15Composer24 Apr 2019
  • M
Access Control Bypass		drupal/core<8.5.15>=8.6.0, <8.6.16Composer24 Apr 2019
  • M
Cross-site Scripting (XSS)		drupal/core>=7.0, <7.65>=8.5, <8.5.14>=8.6, <8.6.13Composer26 Mar 2019
  • M
Cross-site Scripting (XSS)		drupal/core>=7.0, <7.65>=8.0.0, <8.5.14>=8.6.0, <8.6.13Composer21 Mar 2019
  • H
Remote Code Execution (RCE)		drupal/core<8.5.11>=8.6.0, <8.6.10Composer22 Feb 2019
  • H
Arbitrary Code Execution		drupal/core>=7.0.0, <7.6.2>=8.5.0, <8.5.9>=8.6.0, <8.6.6Composer4 Feb 2019
  • C
Remote Code Execution		drupal/core>=7.0.0, <7.60>=8.0.0, <8.5.8>=8.6.0, <8.6.2Composer22 Oct 2018
  • C
Remote Code Execution		drupal/core>=7.0.0, <7.60>=8.0.0, <8.5.8>=8.6.0, <8.6.2Composer22 Oct 2018
  • H
Open Redirect		drupal/core>=7.0.0, <7.60>=8.0.0, <8.5.8>=8.6.0, <8.6.2Composer22 Oct 2018
  • C
Access Restriction Bypass		drupal/core>=7.0.0, <7.60>=8.0.0, <8.5.8>=8.6.0, <8.6.2Composer22 Oct 2018
  • H
Open Redirect		drupal/core>=7.0.0, <7.60>=8.0.0, <8.5.8>=8.6.0, <8.6.2Composer22 Oct 2018
  • H
Open Redirect		drupal/core>=7.0.0, <7.60>=8.0.0, <8.5.8>=8.6.0, <8.6.2Composer22 Oct 2018
  • M
Cross-site Scripting (XSS)		drupal/core>=8.0.0, <8.4.7>=8.5.0, <8.5.2Composer10 May 2018
  • C
Arbitrary Code Execution		drupal/core<7.59>=8.0, <8.4.8>=8.5.0, <8.5.3Composer10 May 2018
  • M
Cross-site Scripting (XSS)		drupal/core<8.4.7>=8.5.0, <8.5.2Composer2 May 2018
  • C
Arbitrary Code Execution		drupal/core<7.58>=8.0, <8.3.9>=8.4.0, <8.4.6>=8.5.0, <8.5.1Composer2 Apr 2018
  • M
Cross-site Scripting (XSS)		drupal/core>=7.0, <7.57>=8.0, <8.4.5Composer6 Mar 2018
  • M
Cross-site Scripting (XSS)		drupal/core>=7.0.0, <7.57>=8.0.0, <8.4.0Composer6 Mar 2018
  • M
Access Restriction Bypass		drupal/core>=8.0, <8.4.5Composer5 Mar 2018
  • M
Link Injection		drupal/core>=7.0, <7.57Composer5 Mar 2018
  • M
Access Restriction Bypass		drupal/core>=7.0, <7.57Composer5 Mar 2018
  • H
Information Exposure		drupal/core>=8.4.0, <8.4.5Composer5 Mar 2018
  • H
Access Restriction Bypass		drupal/core>=8.4, <8.4.5Composer5 Mar 2018
  • M
Authentication Bypass		drupal/core>=8.0, <8.3.7Composer16 Aug 2017
  • M
Access Restriction Bypass		drupal/core>=8.0, <8.3.7Composer16 Aug 2017
  • M
Access Restriction Bypass		drupal/core>=8.0, <8.3.7Composer16 Aug 2017
  • C
Deserialization of Untrusted Data		drupal/core>=8, <8.3.4Composer21 Jun 2017