CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-13298	Tarte au Citron - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-064 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Tarte au Citron allows Cross-Site Scripting (XSS).This issue affects Tarte au Citron: from 2.0.0 before 2.0.5. EPSS Score: 0.04% Source: CVE January 10th, 2025 (6 months ago)
CVE-2024-13297	Eloqua - Moderately critical - Arbitrary PHP code execution - SA-CONTRIB-2024-063 Description: Deserialization of Untrusted Data vulnerability in Drupal Eloqua allows Object Injection.This issue affects Eloqua: from 7.X-* before 7.X-1.15. EPSS Score: 0.04% Source: CVE January 10th, 2025 (6 months ago)
CVE-2024-13296	Mailjet - Moderately critical - Arbitrary PHP code execution - SA-CONTRIB-2024-062 Description: Deserialization of Untrusted Data vulnerability in Drupal Mailjet allows Object Injection.This issue affects Mailjet: from 0.0.0 before 4.0.1. EPSS Score: 0.04% Source: CVE January 10th, 2025 (6 months ago)
CVE-2024-13295	Node export - Moderately critical - Arbitrary PHP code execution - SA-CONTRIB-2024-061 Description: Deserialization of Untrusted Data vulnerability in Drupal Node export allows Object Injection.This issue affects Node export: from 7.X-* before 7.X-3.3. EPSS Score: 0.04% Source: CVE January 10th, 2025 (6 months ago)
CVE-2024-13294	POST File - Critical - Cross Site Scripting, Arbitrary PHP code execution - SA-CONTRIB-2024-060 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal POST File allows Cross-Site Scripting (XSS).This issue affects POST File: from 0.0.0 before 1.0.2. EPSS Score: 0.04% Source: CVE January 10th, 2025 (6 months ago)
CVE-2024-13293	POST File - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-059 Description: Cross-Site Request Forgery (CSRF) vulnerability in Drupal POST File allows Cross Site Request Forgery.This issue affects POST File: from 0.0.0 before 1.0.2. EPSS Score: 0.04% Source: CVE January 10th, 2025 (6 months ago)
CVE-2024-13292	Tooltip - Moderately critical - Cross site scripting - SA-CONTRIB-2024-058 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Tooltip allows Cross-Site Scripting (XSS).This issue affects Tooltip: from 0.0.0 before 1.1.2. EPSS Score: 0.04% Source: CVE January 10th, 2025 (6 months ago)
CVE-2024-13291	Basic HTTP Authentication - Critical - Access bypass - SA-CONTRIB-2024-057 Description: Incorrect Authorization vulnerability in Drupal Basic HTTP Authentication allows Forceful Browsing.This issue affects Basic HTTP Authentication: from 7.X-1.0 before 7.X-1.4. EPSS Score: 0.04% Source: CVE January 10th, 2025 (6 months ago)
CVE-2024-13290	OhDear Integration - Moderately critical - Access bypass - SA-CONTRIB-2024-056 Description: Incorrect Authorization vulnerability in Drupal OhDear Integration allows Forceful Browsing.This issue affects OhDear Integration: from 0.0.0 before 2.0.4. EPSS Score: 0.04% Source: CVE January 10th, 2025 (6 months ago)
CVE-2024-13289	Cookiebot + GTM - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-055 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Cookiebot + GTM allows Cross-Site Scripting (XSS).This issue affects Cookiebot + GTM: from 0.0.0 before 1.0.18. EPSS Score: 0.04% Source: CVE January 10th, 2025 (6 months ago)