Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • C
Deserialization of Untrusted Data		drupal/core>=8, <8.3.4Composer21 Jun 2017
  • M
Information Exposure		drupal/core>=7, <7.56>=8, <8.3.4Composer21 Jun 2017
  • H
Access Restriction Bypass		drupal/core>=8.3, <8.3.1<8.2.8Composer19 Apr 2017
  • H
Arbitrary Code Execution		drupal/core>=8.0, <8.2.7Composer15 Mar 2017
  • H
Cross-site Request Forgery (CSRF)		drupal/core>=8.0, <8.2.7Composer15 Mar 2017
  • H
Access Restriction Bypass		drupal/core>=8.0, <8.2.7Composer15 Mar 2017
  • H
Cache Poisoning		drupal/core>=8, <8.2.3Composer16 Nov 2016
  • M
Information Exposure		drupal/core>=8, <8.2.3Composer16 Nov 2016
  • M
Denial of Service (DoS)		drupal/core>=8, <8.2.3Composer16 Nov 2016
  • M
Access Restriction Bypass		drupal/core>=8, <8.1.10Composer21 Sept 2016
  • M
Cross-site Scripting (XSS)		drupal/core>=8, <8.1.10Composer21 Sept 2016
  • M
Access Restriction Bypass		drupal/core>=8, <8.1.10Composer21 Sept 2016
  • H
HTTP Header Injection		drupal/core>=8, <8.1.7Composer18 Jul 2016
  • M
Information Exposure		drupal/core>=8, <8.1.3Composer15 Jun 2016
  • H
Privilege Escalation		drupal/core>=7, <7.44Composer15 Jun 2016
  • M
Reflected File Download		drupal/core>=6, <6.38>=7, <7.43Composer15 Feb 2016
  • H
Open Redirect		drupal/core>=6, <6.38>=7, <7.43>=8.0, <8.0.4Composer15 Feb 2016
  • H
Open Redirect		drupal/core>=6, <6.38Composer15 Feb 2016
  • H
Deserialization of Untrusted Data		drupal/core>=6, <6.38Composer15 Feb 2016
  • H
Brute Force		drupal/core>=6, <6.38>=7, <7.43Composer15 Feb 2016
  • M
Information Exposure		drupal/core>=7, <7.43>=8, <8.0.4Composer15 Feb 2016
  • H
Privilege Escalation		drupal/core>=6, <6.38>=7, <7.43Composer15 Feb 2016
  • H
Access Restriction Bypass		drupal/core>=6, <6.38Composer15 Feb 2016
  • M
HTTP Header Injection		drupal/core>=6, <6.38Composer15 Feb 2016
  • H
Denial of Service (DoS)		drupal/core>=7, <7.43>=8.0, <8.0.4Composer15 Feb 2016
  • H
Arbitrary Code Execution		drupal/core-recommended<8.8.12>=8.9.0, <8.9.10>=9.0.0, <9.0.9Composer4 Dec 2020
  • H
Open Redirect		drupal/drupal>=7.0, <7.24Composer31 Oct 2024
  • H
Arbitrary Code Execution		drupal/drupal<8.8.12>=8.9.0, <8.9.10>=9.0.0, <9.0.9Composer4 Dec 2020
  • M
Access Restriction Bypass		drupal/drupal>=8.0.0, <8.1.0>=8.1.0, <8.2.0>=8.2.0, <8.3.0>=8.3.0, <8.4.0>=8.4.0, <8.5.0>=8.5.0, <8.6.0>=8.6.0, <8.7.0>=8.7.0, <8.8.0>=8.8.0, <8.8.10>=8.9.0, <8.9.6>=9.0.0, <9.0.6Composer18 Sept 2020
  • M
Information Disclosure		drupal/drupal>=8.0.0, <8.1.0>=8.1.0, <8.2.0>=8.2.0, <8.3.0>=8.3.0, <8.4.0>=8.4.0, <8.5.0>=8.5.0, <8.6.0>=8.6.0, <8.7.0>=8.7.0, <8.8.0>=8.8.0, <8.8.10>=8.9.0, <8.9.6>=9.0.0, <9.0.6Composer18 Sept 2020