CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-13290
OhDear Integration - Moderately critical - Access bypass - SA-CONTRIB-2024-056
Description: Incorrect Authorization vulnerability in Drupal OhDear Integration allows Forceful Browsing.This issue affects OhDear Integration: from 0.0.0 before 2.0.4.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13289
Cookiebot + GTM - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-055
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Cookiebot + GTM allows Cross-Site Scripting (XSS).This issue affects Cookiebot + GTM: from 0.0.0 before 1.0.18.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13288
Monster Menus - Critical - Arbitrary PHP code execution - SA-CONTRIB-2024-052
Description: Deserialization of Untrusted Data vulnerability in Drupal Monster Menus allows Object Injection.This issue affects Monster Menus: from 0.0.0 before 9.3.4, from 9.4.0 before 9.4.2.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13287
Views SVG Animation - Moderately critical - Cross Site Scripting - SA-CONTRIB-2024-051
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Views SVG Animation allows Cross-Site Scripting (XSS).This issue affects Views SVG Animation: from 0.0.0 before 1.0.1.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13284
Gutenberg - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-048
Description: Cross-Site Request Forgery (CSRF) vulnerability in Drupal Gutenberg allows Cross Site Request Forgery.This issue affects Gutenberg: from 0.0.0 before 2.13.0, from 3.0.0 before 3.0.5.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13283
Facets - Critical - Cross Site Scripting - SA-CONTRIB-2024-047
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Facets allows Cross-Site Scripting (XSS).This issue affects Facets: from 0.0.0 before 2.0.9.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13282
Block permissions - Moderately critical - Access bypass - SA-CONTRIB-2024-046
Description: Incorrect Authorization vulnerability in Drupal Block permissions allows Forceful Browsing.This issue affects Block permissions: from 1.0.0 before 1.2.0.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13281
Monster Menus - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2024-045
Description: Incorrect Authorization vulnerability in Drupal Monster Menus allows Forceful Browsing.This issue affects Monster Menus: from 0.0.0 before 9.3.2.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13280
Persistent Login - Moderately critical - Access bypass - SA-CONTRIB-2024-044
Description: Insufficient Session Expiration vulnerability in Drupal Persistent Login allows Forceful Browsing.This issue affects Persistent Login: from 0.0.0 before 1.8.0, from 2.0.* before 2.2.2.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)

CVE-2024-13279
Two-factor Authentication (TFA) - Critical - Access bypass - SA-CONTRIB-2024-043
Description: Session Fixation vulnerability in Drupal Two-factor Authentication (TFA) allows Session Fixation.This issue affects Two-factor Authentication (TFA): from 0.0.0 before 1.8.0.

EPSS Score: 0.04%

Source: CVE
January 10th, 2025 (6 months ago)