8.8

CVSS3.1

CVE-2024-13282 - Block permissions - Moderately critical - Access bypass - SA-CONTRIB-2024-046

Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing.This issue affects Block permissions: from 1.0.0 before 1.2.0.

๐Ÿ“… Published: Jan. 9, 2025, 7:35 p.m. ๐Ÿ”„ Last Modified: Sept. 2, 2025, 6:27 p.m.

9.1

CVSS3.1

CVE-2024-13281 - Monster Menus - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2024-045

Incorrect Authorization vulnerability in Drupal Monster Menus allows Forceful Browsing.This issue affects Monster Menus: from 0.0.0 before 9.3.2.

๐Ÿ“… Published: Jan. 9, 2025, 7:35 p.m. ๐Ÿ”„ Last Modified: Sept. 2, 2025, 6:28 p.m.

9.8

CVSS3.1

CVE-2024-13280 - Persistent Login - Moderately critical - Access bypass - SA-CONTRIB-2024-044

Insufficient Session Expiration vulnerability in Drupal Persistent Login allows Forceful Browsing.This issue affects Persistent Login: from 0.0.0 before 1.8.0, from 2.0.* before 2.2.2.

๐Ÿ“… Published: Jan. 9, 2025, 7:34 p.m. ๐Ÿ”„ Last Modified: Sept. 2, 2025, 6:28 p.m.

9.8

CVSS3.1

CVE-2024-13279 - Two-factor Authentication (TFA) - Critical - Access bypass - SA-CONTRIB-2024-043

Session Fixation vulnerability in Drupal Two-factor Authentication (TFA) allows Session Fixation.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.8.0.

๐Ÿ“… Published: Jan. 9, 2025, 7:31 p.m. ๐Ÿ”„ Last Modified: Sept. 2, 2025, 6:28 p.m.

9.1

CVSS3.1

CVE-2024-13278 - Diff - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2024-042

Incorrect Authorization vulnerability in Drupal Diff allows Functionality Misuse.This issue affects Diff: from 0.0.0 before 1.8.0.

๐Ÿ“… Published: Jan. 9, 2025, 7:31 p.m. ๐Ÿ”„ Last Modified: Sept. 2, 2025, 6:28 p.m.

9.1

CVSS3.1

CVE-2024-13277 - Smart IP Ban - Critical - Access bypass - SA-CONTRIB-2024-041

Incorrect Authorization vulnerability in Drupal Smart IP Ban allows Forceful Browsing.This issue affects Smart IP Ban: from 7.X-1.0 before 7.X-1.1.

๐Ÿ“… Published: Jan. 9, 2025, 7:29 p.m. ๐Ÿ”„ Last Modified: Sept. 2, 2025, 6:29 p.m.

7.5

CVSS3.1

CVE-2024-13276 - File Entity (fieldable files) - Moderately critical - Information Disclosure - SA-CONTRIB-2024-040

Insertion of Sensitive Information Into Sent Data vulnerability in Drupal File Entity (fieldable files) allows Forceful Browsing.This issue affects File Entity (fieldable files): from 7.X-* before 7.X-2.39.

๐Ÿ“… Published: Jan. 9, 2025, 7:28 p.m. ๐Ÿ”„ Last Modified: Sept. 2, 2025, 6:29 p.m.

5.3

CVSS3.1

CVE-2024-13275 - Security Kit - Less critical - Denial of Service - SA-CONTRIB-2024-039

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Drupal Security Kit allows HTTP DoS.This issue affects Security Kit: from 0.0.0 before 2.0.3.

๐Ÿ“… Published: Jan. 9, 2025, 7:27 p.m. ๐Ÿ”„ Last Modified: Sept. 2, 2025, 6:29 p.m.

5.3

CVSS3.1

CVE-2024-13274 - Open Social - Moderately critical - Denial of Service - SA-CONTRIB-2024-038

Improper Control of Interaction Frequency vulnerability in Drupal Open Social allows Functionality Misuse.This issue affects Open Social: from 0.0.0 before 12.3.8, from 12.4.0 before 12.4.5.

๐Ÿ“… Published: Jan. 9, 2025, 7:27 p.m. ๐Ÿ”„ Last Modified: Jan. 14, 2025, 5:15 p.m.

5.4

CVSS3.1

CVE-2024-13273 - Open Social - Moderately critical - Cross Site Scripting, Denial of Service - SA-CONTRIB-2024-037

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Open Social allows Cross-Site Scripting (XSS).This issue affects Open Social: from 0.0.0 before 12.3.8, from 12.4.0 before 12.4.5, from 13.0.0 before 13.0.0-alpha11.

๐Ÿ“… Published: Jan. 9, 2025, 7:26 p.m. ๐Ÿ”„ Last Modified: Aug. 28, 2025, 1:03 p.m.
Total resulsts: 343910
Page 6671 of 34,391
ยซ previous page ยป next page
Filters