| CVE-2016-6211 |
high |
8.8 |
8.8 |
|
|
|
10y ago |
Drupal Saving user accounts can sometimes grant the user all roles |
| CVE-2017-6381 |
high |
8.1 |
8.1 |
|
|
|
9y ago |
Drupal Remote code execution |
| CVE-2016-5385 |
high |
8.1 |
8.1 |
|
|
|
10y ago |
HTTP Proxy header vulnerability |
| CVE-2016-3171 |
high |
8.1 |
8.1 |
|
|
|
10y ago |
Drupal arbitrary code execution |
| CVE-2016-3169 |
high |
8.1 |
8.1 |
|
|
|
10y ago |
Drupal saving user accounts can sometimes grant the user all roles |
| CVE-2016-3162 |
high |
8.1 |
8.1 |
|
|
|
10y ago |
Drupal File upload access bypass and denial of service |
| CVE-2020-13675 |
high |
— |
8.0 |
|
|
|
5y ago |
Unrestricted Upload of File with Dangerous Type in Drupal core |
| CVE-2020-13673 |
high |
— |
8.0 |
|
|
|
5y ago |
The Drupal core Media module allows embedding internal and external media in content fields. In certain circumstances, the filter could allow an unprivileged user to inject HTML into a page when it i… |
| CVE-2020-13677 |
high |
— |
8.0 |
|
|
|
5y ago |
Drupal core access bypass vulnerability |
| CVE-2020-13676 |
high |
— |
8.0 |
|
|
|
5y ago |
Incorrect Authorization in Drupal core |
| CVE-2020-13674 |
high |
— |
8.0 |
|
|
|
5y ago |
Cross-Site Request Forgery in Drupal core |
| CVE-2021-33829 |
high |
— |
8.0 |
|
|
|
5y ago |
ckeditor4 vulnerable to cross-site scripting |
| CVE-2017-6919 |
high |
7.5 |
7.5 |
|
|
|
9y ago |
Drupal access control bypass vulnerability |
| CVE-2017-6379 |
high |
7.5 |
7.5 |
|
|
|
9y ago |
Drupal Cross-Site Request Forgery (CSRF) |
| CVE-2017-6377 |
high |
7.5 |
7.5 |
|
|
|
9y ago |
Drupal editor module incorrectly checks access to inline private files |
| CVE-2016-9450 |
high |
7.5 |
7.5 |
|
|
|
10y ago |
Drupal Incorrect cache context on password reset page |
| CVE-2016-3165 |
high |
7.5 |
7.5 |
|
|
|
10y ago |
Drupal Form API ignores access restrictions on submit buttons |
| CVE-2016-3163 |
high |
7.5 |
7.5 |
|
|
|
10y ago |
Drupal Brute force amplification attacks via XML-RPC |
| CVE-2011-2687 |
high |
— |
7.5 |
|
|
|
15y ago |
Drupal Access Control Bypass |
| CVE-2016-3167 |
high |
7.4 |
7.4 |
|
|
|
10y ago |
Drupal Open redirect vulnerability in the drupal_goto function |
| CVE-2016-3164 |
high |
7.4 |
7.4 |
|
|
|
10y ago |
Drupal Open Redirect |
| CVE-2019-11358 |
low |
— |
3.5 |
|
|
|
7y ago |
RHSA-2021:4142: pcs security, bug fix, and enhancement update (Low) |
