CVEs and Security Vulnerabilities

Export limit exceeded: 344010 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (344010 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-13301	1 Miniorange	1 Oauth \& Openid Connect Single Sign-on	2025-09-02	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal OAuth & OpenID Connect Single Sign On – SSO (OAuth/OIDC Client) allows Cross-Site Scripting (XSS).This issue affects OAuth & OpenID Connect Single Sign On – SSO (OAuth/OIDC Client): from 3.0.0 before 3.44.0, from 4.0.0 before 4.0.19.
CVE-2024-13302	1 Ciandt	1 Pages Restriction Access	2025-09-02	5.3 Medium
Incorrect Authorization vulnerability in Drupal Pages Restriction Access allows Forceful Browsing.This issue affects Pages Restriction Access: from 2.0.0 before 2.0.3.
CVE-2024-13303	1 Download All Files Project	1 Download All Files	2025-09-02	5.3 Medium
Missing Authorization vulnerability in Drupal Download All Files allows Forceful Browsing.This issue affects Download All Files: from 0.0.0 before 2.0.2.
CVE-2024-13310	1 Git Utilities Project	1 Git Utilities	2025-09-02	6.5 Medium
Vulnerability in Drupal Git Utilities for Drupal.This issue affects Git Utilities for Drupal: ..
CVE-2024-13311	1 Allow All File Extensions For File Fields Project	1 Allow All File Extensions For File Fields	2025-09-02	7.3 High
Vulnerability in Drupal Allow All File Extensions for file fields.This issue affects Allow All File Extensions for file fields: ..
CVE-2024-13275	1 Security Kit Project	1 Security Kit	2025-09-02	5.3 Medium
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Drupal Security Kit allows HTTP DoS.This issue affects Security Kit: from 0.0.0 before 2.0.3.
CVE-2024-13276	1 File Entity Project	1 File Entity	2025-09-02	7.5 High
Insertion of Sensitive Information Into Sent Data vulnerability in Drupal File Entity (fieldable files) allows Forceful Browsing.This issue affects File Entity (fieldable files): from 7.X-* before 7.X-2.39.
CVE-2024-13277	1 Smart Ip Ban Project	1 Smart Ip Ban	2025-09-02	9.1 Critical
Incorrect Authorization vulnerability in Drupal Smart IP Ban allows Forceful Browsing.This issue affects Smart IP Ban: from 7.X-1.0 before 7.X-1.1.
CVE-2024-13278	1 Diff Project	1 Diff	2025-09-02	9.1 Critical
Incorrect Authorization vulnerability in Drupal Diff allows Functionality Misuse.This issue affects Diff: from 0.0.0 before 1.8.0.
CVE-2024-13279	1 Two-factor Authentication Project	1 Two-factor Authentication	2025-09-02	9.8 Critical
Session Fixation vulnerability in Drupal Two-factor Authentication (TFA) allows Session Fixation.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.8.0.
CVE-2024-13280	1 Persistent Login Project	1 Persistent Login	2025-09-02	9.8 Critical
Insufficient Session Expiration vulnerability in Drupal Persistent Login allows Forceful Browsing.This issue affects Persistent Login: from 0.0.0 before 1.8.0, from 2.0.* before 2.2.2.
CVE-2024-13281	1 Monster Menus Project	1 Monster Menus	2025-09-02	9.1 Critical
Incorrect Authorization vulnerability in Drupal Monster Menus allows Forceful Browsing.This issue affects Monster Menus: from 0.0.0 before 9.3.2.
CVE-2024-13282	1 Block Permissions Project	1 Block Permissions	2025-09-02	8.8 High
Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing.This issue affects Block permissions: from 1.0.0 before 1.2.0.
CVE-2024-13283	1 Facets Project	1 Facets	2025-09-02	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Facets allows Cross-Site Scripting (XSS).This issue affects Facets: from 0.0.0 before 2.0.9.
CVE-2024-13284	1 Drupalgutenberg	1 Gutenberg	2025-09-02	8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Gutenberg allows Cross Site Request Forgery.This issue affects Gutenberg: from 0.0.0 before 2.13.0, from 3.0.0 before 3.0.5.
CVE-2024-13285	1 Wkhtmltopdf	1 Wkhtmltopdf	2025-09-02	9.8 Critical
Vulnerability in Drupal wkhtmltopdf.This issue affects wkhtmltopdf: ..
CVE-2024-13286	1 Svg Embed Project	1 Svg Embed	2025-09-02	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal SVG Embed allows Cross-Site Scripting (XSS).This issue affects SVG Embed: from 0.0.0 before 2.1.2.
CVE-2024-13287	1 Views Svg Animation Project	1 Views Svg Animation	2025-09-02	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Views SVG Animation allows Cross-Site Scripting (XSS).This issue affects Views SVG Animation: from 0.0.0 before 1.0.1.
CVE-2024-13288	1 Monster Menus Project	1 Monster Menus	2025-09-02	4.3 Medium
Deserialization of Untrusted Data vulnerability in Drupal Monster Menus allows Object Injection.This issue affects Monster Menus: from 0.0.0 before 9.3.4, from 9.4.0 before 9.4.2.
CVE-2024-13289	1 Usercentrics	1 Cookiebot \+ Gtm	2025-09-02	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Cookiebot + GTM allows Cross-Site Scripting (XSS).This issue affects Cookiebot + GTM: from 0.0.0 before 1.0.18.

« first previous Page 3553 of 17201. next last »