Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Drupal — Vulnerabilities & Security Advisories 295

Browse all 295 CVE security advisories affecting Drupal. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products Drupal:Drupal CorecoreOpen SocialEnterprise MFA - TFA for DrupalAI (Artificial Intelligence)COOKiES Consent ManagementTwo-factor Authentication (TFA)One Time PasswordAuthenticator LoginOpenID Connect / OAuth clientFacetsData-moduleKlaro Cookie & Consent ManagementAccess codeQuick Node BlockSimple KlaroGoogle TagEmail TFACivicTheme Design SystemAcquia DAMDrupalPOST FileParagraphs tableTagifyDrupal CanvasLogin DisableNode Access Rebuild ProgressiveMonster MenusFile Entity (fieldable files)File Access Fix (deprecated)
CVE IDTitleCVSSSeverityPaused
CVE-2024-13238 Typogrify - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-002 — TypogrifyCWE-79 6.1 -2025-01-09
CVE-2024-13237 File Entity (fieldable files) - Moderately critical - Cross Site Scripting, Access bypass - SA-CONTRIB-2024-001 — File Entity (fieldable files)CWE-79 6.1 -2025-01-09
CVE-2024-55638 Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-008 — Drupal CoreCWE-915 9.8 -2024-12-09
CVE-2024-55637 Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-007 — Drupal CoreCWE-915 9.8 -2024-12-09
CVE-2024-55636 Drupal core - Less critical - Gadget chain - SA-CORE-2024-006 — Drupal CoreCWE-915 9.8 -2024-12-09
CVE-2024-55635 Drupal core - Critical - Cross Site Scripting - SA-CORE-2024-005 — Drupal CoreCWE-79 6.1 -2024-12-09
CVE-2024-55634 Drupal core - Moderately critical - Access bypass - SA-CORE-2024-004 — Drupal CoreCWE-178 8.8 -2024-12-09
CVE-2024-12393 Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2024-003 — Drupal CoreCWE-79 6.1 -2024-12-09
CVE-2024-11942 Drupal core - Moderately critical - Improper error handling - SA-CORE-2024-002 — Drupal CoreCWE-390 9.1 -2024-12-05
CVE-2024-11941 Drupal core - Moderately critical - Denial of Service - SA-CORE-2024-001 — Drupal CoreCWE-835 7.5 -2024-12-05
CVE-2024-45440 Drupal 安全漏洞 — Drupal core 5.3AIMediumAI2024-08-29
CVE-2023-5256 Drupal core - Critical - Cache poisoning - SA-CORE-2023-006 — CoreCWE-200 9.1 -2023-09-28
CVE-2023-31250 Drupal core - Moderately critical - Access bypass - SA-CORE-2023-005 — Core 6.5 -2023-04-26
CVE-2022-25278 Drupal 访问控制错误漏洞 — Core 6.5 -2023-04-26
CVE-2022-25277 Drupal 代码问题漏洞 — Core 8.2 -2023-04-26
CVE-2022-25276 Drupal 跨站脚本漏洞 — Core 6.1 -2023-04-26
CVE-2022-25275 Drupal 安全漏洞 — Core 8.8 -2023-04-26
CVE-2022-25274 Drupal 安全漏洞 — Core 8.1 -2023-04-26
CVE-2022-25273 Drupal core 输入验证错误漏洞 — Core 7.5 -2023-04-26
CVE-2022-25270 Drupal 访问控制错误漏洞 — Core 6.5 -2022-02-16
CVE-2022-25271 Drupal 输入验证错误漏洞 — CoreCWE-20 7.5 -2022-02-16
CVE-2020-13677 Drupal 安全漏洞 — CoreCWE-284 5.9 -2022-02-11
CVE-2020-13676 Drupal 访问控制错误漏洞 — CoreCWE-284 6.5 -2022-02-11
CVE-2020-13670 Drupal core 信息泄露漏洞 — Core 7.5 -2022-02-11
CVE-2020-13674 Drupal QuickEdit module 跨站请求伪造漏洞 — CoreCWE-352 6.5 -2022-02-11
CVE-2020-13675 Drupal 代码问题漏洞 — CoreCWE-284 9.1 -2022-02-11
CVE-2020-13673 Drupal 跨站脚本漏洞 — Entity EmbedCWE-352 6.1 -2022-02-11
CVE-2020-13672 Drupal跨站脚本漏洞 — CoreCWE-79 6.1 -2022-02-11
CVE-2020-13669 Drupal core 跨站脚本漏洞 — CoreCWE-79 6.1 -2022-02-11
CVE-2020-13668 Access bypass in Drupal Core 8/9 — Core 7.2 -2022-02-11

This page lists every published CVE security advisory associated with Drupal. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.