6.6

CVSS3.1

CVE-2025-31693 - AI (Artificial Intelligence) - Moderately critical - Gadget Chain - SA-CONTRIB-2025-022

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Drupal AI (Artificial Intelligence) allows OS Command Injection.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.5.

๐Ÿ“… Published: March 31, 2025, 9:51 p.m. ๐Ÿ”„ Last Modified: April 15, 2025, 2:58 p.m.

8.1

CVSS3.1

CVE-2025-26683 - Azure Playwright Elevation of Privilege Vulnerability

Improper authorization in Azure Playwright allows an unauthorized attacker to elevate privileges over a network.

๐Ÿ“… Published: March 31, 2025, 9:51 p.m. ๐Ÿ”„ Last Modified: Feb. 26, 2026, 7:08 p.m.

7.5

CVSS3.1

CVE-2025-31692 - AI (Artificial Intelligence) - Critical - Remote Code Execution - SA-CONTRIB-2025-021

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Drupal AI (Artificial Intelligence) allows OS Command Injection.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.5.

๐Ÿ“… Published: March 31, 2025, 9:50 p.m. ๐Ÿ”„ Last Modified: May 1, 2025, 2:36 p.m.

9.8

CVSS3.1

CVE-2025-31691 - OAuth2 Server - Moderately critical - Access bypass - SA-CONTRIB-2025-020

Missing Authorization vulnerability in Drupal OAuth2 Server allows Forceful Browsing.This issue affects OAuth2 Server: from 0.0.0 before 2.1.0.

๐Ÿ“… Published: March 31, 2025, 9:49 p.m. ๐Ÿ”„ Last Modified: Sept. 2, 2025, 6:35 p.m.

8.8

CVSS3.1

CVE-2025-31690 - Cache Utility - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-019

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Cache Utility allows Cross Site Request Forgery.This issue affects Cache Utility: from 0.0.0 before 1.2.1.

๐Ÿ“… Published: March 31, 2025, 9:49 p.m. ๐Ÿ”„ Last Modified: Sept. 2, 2025, 6:35 p.m.

8.1

CVSS3.1

CVE-2025-31689 - General Data Protection Regulation - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-โ€ฆ

Cross-Site Request Forgery (CSRF) vulnerability in Drupal General Data Protection Regulation allows Cross Site Request Forgery.This issue affects General Data Protection Regulation: from 0.0.0 before 3.0.1, from 3.1.0 before 3.1.2.

๐Ÿ“… Published: March 31, 2025, 9:45 p.m. ๐Ÿ”„ Last Modified: Sept. 2, 2025, 6:35 p.m.

6.8

CVSS3.1

CVE-2025-31688 - Configuration Split - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2025-017

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Configuration Split allows Cross Site Request Forgery.This issue affects Configuration Split: from 0.0.0 before 1.10.0, from 2.0.0 before 2.0.2.

๐Ÿ“… Published: March 31, 2025, 9:45 p.m. ๐Ÿ”„ Last Modified: Aug. 28, 2025, 2:54 p.m.

6.1

CVSS3.1

CVE-2025-31687 - SpamSpan filter - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-016

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal SpamSpan filter allows Cross-Site Scripting (XSS).This issue affects SpamSpan filter: from 0.0.0 before 3.2.1.

๐Ÿ“… Published: March 31, 2025, 9:44 p.m. ๐Ÿ”„ Last Modified: Aug. 28, 2025, 2:53 p.m.

8.1

CVSS3.1

CVE-2025-31686 - Open Social - Less critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-015

Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10.

๐Ÿ“… Published: March 31, 2025, 9:44 p.m. ๐Ÿ”„ Last Modified: April 29, 2025, 4:15 p.m.

9.1

CVSS3.1

CVE-2025-31685 - Open Social - Moderately critical - Access bypass - SA-CONTRIB-2025-014

Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10.

๐Ÿ“… Published: March 31, 2025, 9:43 p.m. ๐Ÿ”„ Last Modified: April 29, 2025, 4:15 p.m.
Total resulsts: 349182
Page 6115 of 34,919
ยซ previous page ยป next page
Filters