Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drupal drupal 8.0 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-1000888
PEAR Archive_Tar version 1.4.3 and previous versions contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with `$v_header['filename']` as parameter (such as file_exists, is_file, is_dir, etc). When extract is called witho...
Php Pear Archive Tar
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
1 EDB exploit
1 Article
NA
CVE-2009-3652
Cross-site scripting (XSS) vulnerability in Organic Groups (OG) 5.x-7.x prior to 5.x-7.4, 5.x-8.x prior to 5.x-8.1, and 6.x-1.x prior to 6.x-1.4, a module for Drupal, allows remote authenticated users, with create or edit group nodes permissions, to inject arbitrary web script or...
Moshe Weitzman Organic Groups 5.x-7.0-rc2
Moshe Weitzman Organic Groups 5.x-7.0-rc1
Moshe Weitzman Organic Groups 6.x-1.0
Moshe Weitzman Organic Groups 6.x-1.0-rc9
Moshe Weitzman Organic Groups 6.x-1.0-rc8
Moshe Weitzman Organic Groups 6.x-1.0-rc1
Moshe Weitzman Organic Groups 6.x-1.0-beta1
Moshe Weitzman Organic Groups 5.x-7.0
Moshe Weitzman Organic Groups 5.x-7.0-rc5
Moshe Weitzman Organic Groups 5.x-7.2
Moshe Weitzman Organic Groups 6.x-1.3
Moshe Weitzman Organic Groups 6.x-1.0-rc5
Moshe Weitzman Organic Groups 6.x-1.0-rc4
Moshe Weitzman Organic Groups 5.x-7.0-rc4
Moshe Weitzman Organic Groups 5.x-7.0-rc3
Moshe Weitzman Organic Groups 6.x-1.2
Moshe Weitzman Organic Groups 6.x-1.1
Moshe Weitzman Organic Groups 6.x-1.0-rc3
Moshe Weitzman Organic Groups 6.x-1.0-rc2
Moshe Weitzman Organic Groups 5.x-7.1
Moshe Weitzman Organic Groups 5.x-7.3
Moshe Weitzman Organic Groups 5.x-8.0
6.1
CVSSv3
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
98 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4