Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Drupal Drupal CoreDrupal core - Moderately critical - Cross-site scripting - SA-CORE-2026-003

Risk 38
Severity
6.1
First published (updated )
CVE-2026-6367

Drupal DrupalDrupal core - Moderately critical - Gadget Chain - SA-CORE-2026-002

Risk 61
Severity
6.6
First published (updated )
CVE-2026-6366

Drupal DrupalDrupal core - Critical - Cross-site scripting - SA-CORE-2026-001

Risk 38
Severity
6.1
First published (updated )
CVE-2026-6365

composer/drupal/coreDrupal core - Moderately critical - Gadget chain - SA-CORE-2025-006

Risk 45
Severity
5.9
First published (updated )
CVE-2025-13081

composer/drupal/coreDrupal core - Moderately critical - Cross Site Scripting - SA-CORE-2025-004

Risk 25
Severity
5.4
EPSS
0.04%
First published (updated )
CVE-2025-31675
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Drupal DrupalThe Quick Edit module does not properly check entity access in some circumstances. This could result…

Risk 38
Severity
6.5
First published (updated )
CVE-2022-25270

composer/drupal/drupalDrupal core - Moderately critical - Access bypass - SA-CORE-2020-008

Risk 28
Severity
5.3
First published (updated )
CVE-2020-13667

Oracle REST Data ServicesJQuery Cross-Site Scripting (XSS) Vulnerability

Risk 65
Severity
6.9
Exploited
First published (updated )
CVE-2020-11023

Oracle Banking Digital ExperiencejQuery has a potential XSS vulnerability

Risk 49
Severity
6.9
First published (updated )
CVE-2020-11022

Oracle Application Testing SuiteXSS, Input Validation

Risk 65
Severity
6.1
Exploited
First published (updated )
CVE-2019-11358
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

composer/drupal/coreMalicious File Upload

Risk 39
Severity
6.5
First published (updated )
CVE-2017-6931

Debian Debian LinuxPrivate file access bypass.

Risk 33
Severity
5.3
First published (updated )
CVE-2017-6928

composer/drupal/coreAccess bypass in Drupal 8 views

Risk 39
Severity
6.5
First published (updated )
CVE-2017-6923

composer/drupal/coreFile REST resource does not properly validate

Risk 36
Severity
5.9
First published (updated )
CVE-2017-6921

Drupal DrupalInput Validation

Risk 26
Severity
5
First published (updated )
CVE-2014-5019
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Google Authenticator Login Project Ga LoginThe Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal a…

Risk 26
Severity
5
First published (updated )
CVE-2013-4178

Google Authenticator Login Project Ga LoginThe Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal d…

Risk 26
Severity
5
First published (updated )
CVE-2013-4177

Nathan Haug Filefield SourcesThe FileField Sources module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.9 for Drupal does not p…

Risk 21
Severity
4
First published (updated )
CVE-2013-4502

Ubercart UbercartSession fixation vulnerability in the Ubercart module 6.x-2.x before 6.x-2.13 and 7.x-3.x before 7.x…

Risk 47
Severity
6.8
First published (updated )
CVE-2013-7302

Debian Debian LinuxInfoleak

Risk 26
Severity
5
First published (updated )
CVE-2014-2983
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Restful Web Services Project Restful Web ServicesInput Validation

Risk 22
Severity
4.3
First published (updated )
CVE-2013-1946

Sebastien Corbin Make Meeting Scheduler ModuleThe Make Meeting Scheduler module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to bypas…

Risk 40
Severity
6.4
First published (updated )
CVE-2013-4379

Node Access User Reference Project Nodeaccess Userreference ModuleThe Node access user reference module 6.x-3.x before 6.x-3.5 and 7.x-3.x before 7.x-3.10 for Drupal …

Risk 35
Severity
5.8
First published (updated )
CVE-2013-2123

Antti Alamki Prh SearchXSS

Risk 22
Severity
4.3
First published (updated )
CVE-2012-6576

Kristof De Jaeger Display SuiteXSS

Risk 22
Severity
4.3
First published (updated )
CVE-2013-2177
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Google Authenticator Login Project Ga LoginThe Google Authenticator login (ga_login) module 7.x before 7.x-1.3 for Drupal, when multi-factor au…

Risk 47
Severity
6.8
First published (updated )
CVE-2013-0258

Varnish Http Accelerator Integration Project VarnishXSS

Risk 22
Severity
4.3
First published (updated )
CVE-2013-0325

Drupal DrupalThe Image module in Drupal 7.x before 7.20 allows remote attackers to cause a denial of service (CPU…

Risk 26
Severity
5
First published (updated )
CVE-2013-0316

Guy Bedford Live CssUnrestricted file upload vulnerability in the Live CSS module 6.x-2.x before 6.x-2.1 and 7.x-2.x bef…

Risk 41
Severity
6
First published (updated )
CVE-2013-0206

Nodewords Project NodewordsInfoleak

Risk 22
Severity
4.3
First published (updated )
CVE-2012-5654
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203