CVE-2018-7602 critical —
10.0
8y ago
A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site.
arch php
CVE-2018-7600 critical —
10.0
8y ago
Drupal Core contains a remote code execution vulnerability that could allow an attacker to exploit multiple attack vectors on a Drupal site, resulting in complete site compromise.
arch php
CVE-2020-13672 critical —
9.5
5y ago
Drupal core Cross-site Scripting (XSS) vulnerability
arch php
CVE-2016-9452 medium 6.5
6.5
10y ago
Drupal Denial of service via transliterate mechanism
arch php
CVE-2016-3168 medium 6.4
6.4
10y ago
Drupal Reflected file download vulnerability
debian php
CVE-2016-7571 medium 6.1
6.1
10y ago
Drupal Cross-site scripting (XSS) vulnerability
php
CVE-2016-3166 medium 5.9
5.9
10y ago
Drupal CRLF injection vulnerability in the drupal_set_header function
debian php
CVE-2013-6389 medium —
5.8
13y ago
Drupal has open redirect vulnerability in the Overlay module
php
CVE-2012-1589 medium —
5.8
14y ago
Drupal Open Redirect
php
CVE-2016-6212 medium 5.3
5.3
10y ago
Drupal Views can allow unauthorized users to see Statistics information
php
CVE-2016-3170 medium 5.3
5.3
10y ago
Drupal sensitive information disclosure
debian php
CVE-2016-9449 medium 4.3
4.3
10y ago
Drupal sensitive information disclosure
arch php
CVE-2016-7572 medium 4.3
4.3
10y ago
Drupal Unprivileged access to config export
php
CVE-2016-7570 medium 4.3
4.3
10y ago
Drupal Users without "Administer comments" can set comment visibility on nodes they can edit
php
CVE-2012-2153 medium —
4.0
14y ago
Drupal improper access restrictions
php
CVE-2010-3094 low —
2.1
16y ago
Drupal cross-site scripting vulnerability via actions feature and trigger module
php