Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Drupal Core 9.0.x Information Disclosure (9.0.0 - 9.0.5) CVE-2020-13670 CWE-200 CWE-200 High Drupal Core 9.0.x Multiple Cross-Site Scripting Vulnerabilities (9.0.0 - 9.0.5) CVE-2020-13666 CVE-2020-13668 CVE-2020-13669 CVE-2020-13688 CWE-79 CWE-79 High Drupal Core 9.0.x Multiple Security Bypass Vulnerabilities (9.0.0 - 9.0.14) CVE-2020-13675 CVE-2020-13676 CVE-2020-13677 CWE-284 CWE-284 High Drupal Core 9.0.x Remote Code Execution (9.0.0 - 9.0.7) CVE-2020-13671 CWE-434 CWE-434 High Drupal Core 9.0.x Remote Code Execution (9.0.0 - 9.0.8) CVE-2020-28948 CVE-2020-28949 CWE-434 CWE-434 High Drupal Core 9.0.x Security Bypass (9.0.0 - 9.0.5) CVE-2020-13667 CWE-264 CWE-264 High Drupal Core 9.1.x Arbitrary File Overwrite (9.1.0 - 9.1.2) CVE-2020-36193 CWE-73 CWE-73 High Drupal Core 9.1.x Cross-Site Request Forgery (9.1.0 - 9.1.12) CVE-2020-13673 CVE-2020-13674 CWE-352 CWE-352 High Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.6) CVE-2020-13672 CWE-79 CWE-79 High Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.8) CVE-2021-33829 CWE-79 CWE-79 High Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.11) CWE-79 CWE-79 High Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.13) CWE-79 CWE-79 High Drupal Core 9.1.x Directory Traversal (9.1.0 - 9.1.10) CVE-2021-32610 CWE-22 CWE-22 High Drupal Core 9.1.x Multiple Security Bypass Vulnerabilities (9.1.0 - 9.1.12) CVE-2020-13675 CVE-2020-13676 CVE-2020-13677 CWE-284 CWE-284 High Drupal Core 9.2.x Cross-Site Request Forgery (9.2.0 - 9.2.5) CVE-2020-13673 CVE-2020-13674 CWE-352 CWE-352 High Drupal Core 9.2.x Cross-Site Scripting (9.2.0 - 9.2.3) CWE-79 CWE-79 High Drupal Core 9.2.x Cross-Site Scripting (9.2.0 - 9.2.8) CWE-79 CWE-79 High Drupal Core 9.2.x Cross-Site Scripting (9.2.0 - 9.2.10) CVE-2021-41184 CWE-79 CWE-79 High Drupal Core 9.2.x Directory Traversal (9.2.0 - 9.2.1) CVE-2021-32610 CWE-22 CWE-22 High Drupal Core 9.2.x Multiple Security Bypass Vulnerabilities (9.2.0 - 9.2.5) CVE-2020-13675 CVE-2020-13676 CVE-2020-13677 CWE-284 CWE-284 High Drupal Core 9.2.x Multiple Vulnerabilities (9.2.0 - 9.2.14) CVE-2022-24728 CVE-2022-24729 CWE-79 CWE-400 CWE-79 CWE-400 High Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.12) CVE-2022-25270 CWE-264 CWE-264 High Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.15) CVE-2022-24775 CWE-20 CWE-20 High Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.17) CVE-2022-25273 CWE-20 CWE-20 High Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.19) CVE-2022-29248 CWE-264 CWE-264 High Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.20) CVE-2022-31042 CVE-2022-31043 CWE-284 CWE-284 High Drupal Core 9.3.x Cross-Site Scripting (9.3.0 - 9.3.2) CVE-2021-41184 CWE-79 CWE-79 High Drupal Core 9.3.x Cross-Site Scripting (9.3.0 - 9.3.18) CVE-2022-25276 CWE-79 CWE-79 High Drupal Core 9.3.x Multiple Vulnerabilities (9.3.0 - 9.3.7) CVE-2022-24728 CVE-2022-24729 CWE-79 CWE-400 CWE-79 CWE-400 High Drupal Core 9.3.x Remote Code Execution (9.3.0 - 9.3.18) CVE-2022-25277 CWE-434 CWE-434 High Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.5) CVE-2022-25271 CWE-20 CWE-20 High Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.8) CVE-2022-24775 CWE-20 CWE-20 High Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.11) CVE-2022-25274 CWE-264 CWE-264 High Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.13) CVE-2022-29248 CWE-264 CWE-264 High Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.15) CVE-2022-31042 CVE-2022-31043 CWE-284 CWE-284 High Drupal Core 9.3.x Security Bypass (9.3.0 - 9.3.18) CVE-2022-25278 CWE-264 CWE-264 High Drupal Core 9.4.x Cross-Site Scripting (9.4.0 - 9.4.2) CVE-2022-25276 CWE-79 CWE-79 High Drupal Core 9.4.x Remote Code Execution (9.4.0 - 9.4.2) CVE-2022-25277 CWE-434 CWE-434 High Drupal Core 9.4.x Security Bypass (9.4.0 - 9.4.2) CVE-2022-25275 CWE-264 CWE-264 High Drupal Core Cross-Site Scripting (8.0.0 - 9.1.15) CVE-2021-41184 CWE-79 CWE-79 High Drupal Core Cross-Site Scripting (8.0.0 - 9.2.21) CVE-2022-25276 CWE-79 CWE-79 High Drupal Core Multiple Vulnerabilities (8.0.0 - 9.1.15) CVE-2022-24728 CVE-2022-24729 CWE-79 CWE-400 CWE-79 CWE-400 High Drupal Core Remote Code Execution (8.0.0 - 9.2.21) CVE-2022-25277 CWE-434 CWE-434 High Drupal Core Security Bypass (8.0.0 - 9.1.15) CVE-2022-24775 CWE-20 CWE-20 High Drupal Core Security Bypass (8.0.0 - 9.2.21) CVE-2022-25275 CWE-264 CWE-264 High Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-6379) CVE-2017-6379 CWE-352 CWE-352 High Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-13663) CVE-2020-13663 CWE-352 CWE-352 High Drupal CVE-2008-4793 Vulnerability (CVE-2008-4793) CVE-2008-4793 High Drupal CVE-2014-1475 Vulnerability (CVE-2014-1475) CVE-2014-1475 High Drupal CVE-2017-6919 Vulnerability (CVE-2017-6919) CVE-2017-6919 High Drupal CVE-2017-6930 Vulnerability (CVE-2017-6930) CVE-2017-6930 High Drupal Data Processing Errors Vulnerability (CVE-2016-3171) CVE-2016-3171 High Drupal Deserialization of Untrusted Data Vulnerability (CVE-2019-6338) CVE-2019-6338 CWE-502 CWE-502 High Drupal Deserialization of Untrusted Data Vulnerability (CVE-2019-6340) CVE-2019-6340 CWE-502 CWE-502 High Drupal Deserialization of Untrusted Data Vulnerability (CVE-2020-28948) CVE-2020-28948 CWE-502 CWE-502 High Drupal Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-13670) CVE-2020-13670 CWE-668 CWE-668 High Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-6926) CVE-2017-6926 CWE-200 CWE-200 High Drupal Improper Access Control Vulnerability (CVE-2016-3162) CVE-2016-3162 CWE-284 CWE-284 High Drupal Improper Access Control Vulnerability (CVE-2016-3165) CVE-2016-3165 CWE-284 CWE-284 High Drupal Improper Access Control Vulnerability (CVE-2016-5385) CVE-2016-5385 CWE-284 CWE-284 High Drupal Improper Access Control Vulnerability (CVE-2020-13677) CVE-2020-13677 CWE-284 CWE-284 High Drupal Improper Authentication Vulnerability (CVE-2019-10911) CVE-2019-10911 CWE-287 CWE-287 High Drupal Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2005-1921) CVE-2005-1921 CWE-94 CWE-94 High Drupal Improper Input Validation Vulnerability (CVE-2007-6299) CVE-2007-6299 CWE-20 CWE-20 High Drupal Improper Input Validation Vulnerability (CVE-2022-24775) CVE-2022-24775 CWE-20 CWE-20 High Drupal Improper Input Validation Vulnerability (CVE-2022-25271) CVE-2022-25271 CWE-20 CWE-20 High Drupal Improper Input Validation Vulnerability (CVE-2022-25273) CVE-2022-25273 CWE-20 CWE-20 High Drupal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-36193) CVE-2020-36193 CWE-22 CWE-22 High Drupal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-39261) CVE-2022-39261 CWE-22 CWE-22 High Drupal Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2020-28949) CVE-2020-28949 CWE-138 CWE-138 High Drupal Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2020-13664) CVE-2020-13664 CWE-138 CWE-138 High Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-2999) CVE-2008-2999 CWE-138 CWE-138 High Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-3223) CVE-2008-3223 CWE-138 CWE-138 High Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3704) CVE-2014-3704 CWE-138 CWE-138 High Drupal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-6659) CVE-2015-6659 CWE-138 CWE-138 High 1...11121314...165 12 / 165
