目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

Drupal 厂商漏洞列表 / CVE 中文分析 295

Drupal 厂商相关 295 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

Drupal 是广泛使用的开源内容管理系统,核心用于构建网站与数字体验。其历史漏洞多涉及远程代码执行、跨站脚本及权限绕过,常因配置不当或插件缺陷引发。尽管具备完善的安全更新机制,但累计 295 条 CVE 显示其攻击面较大。用户需及时修补并强化访问控制,以应对持续演变的安全威胁,确保系统稳定运行。

37 件の結果 / 295フィルターをクリア
上位製品 Drupal: Drupal Core core Open Social Enterprise MFA - TFA for Drupal AI (Artificial Intelligence) COOKiES Consent Management Two-factor Authentication (TFA) One Time Password Authenticator Login OpenID Connect / OAuth client Facets Data-module Klaro Cookie & Consent Management Access code Quick Node Block Simple Klaro Google Tag Email TFA CivicTheme Design System Acquia DAM Drupal POST File Paragraphs table Tagify Drupal Canvas Login Disable Node Access Rebuild Progressive Monster Menus File Entity (fieldable files) File Access Fix (deprecated)
CVE IDタイトルCVSS深刻度公開日
CVE-2025-13083 Drupal core - Moderately critical - Information disclosure - SA-CORE-2025-008 — Drupal coreCWE-525 7.5AIHighAI2025-11-18
CVE-2025-13082 Drupal core - Moderately critical - Defacement - SA-CORE-2025-007 — Drupal coreCWE-451 4.3AIMediumAI2025-11-18
CVE-2025-13081 Drupal core - Moderately critical - Gadget chain - SA-CORE-2025-006 — Drupal coreCWE-915 9.8AICriticalAI2025-11-18
CVE-2025-13080 Drupal core - Moderately critical - Denial of Service - SA-CORE-2025-005 — Drupal coreCWE-754--AI2025-11-18
CVE-2025-31675 Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2025-004 — Drupal coreCWE-79 6.1 -2025-03-31
CVE-2025-31674 Drupal core - Moderately critical - Gadget Chain - SA-CORE-2025-003 — Drupal coreCWE-915 9.8 -2025-03-31
CVE-2025-31673 Drupal core - Moderately critical - Access bypass - SA-CORE-2025-002 — Drupal coreCWE-863 6.5 -2025-03-31
CVE-2025-3057 Drupal core - Critical - Cross site scripting - SA-CORE-2025-001 — Drupal coreCWE-79 6.1 -2025-03-31
CVE-2024-55638 Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-008 — Drupal CoreCWE-915 9.8 -2024-12-09
CVE-2024-55637 Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-007 — Drupal CoreCWE-915 9.8 -2024-12-09
CVE-2024-55636 Drupal core - Less critical - Gadget chain - SA-CORE-2024-006 — Drupal CoreCWE-915 9.8 -2024-12-09
CVE-2024-55635 Drupal core - Critical - Cross Site Scripting - SA-CORE-2024-005 — Drupal CoreCWE-79 6.1 -2024-12-09
CVE-2024-55634 Drupal core - Moderately critical - Access bypass - SA-CORE-2024-004 — Drupal CoreCWE-178 8.8 -2024-12-09
CVE-2024-12393 Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2024-003 — Drupal CoreCWE-79 6.1 -2024-12-09
CVE-2024-11942 Drupal core - Moderately critical - Improper error handling - SA-CORE-2024-002 — Drupal CoreCWE-390 9.1 -2024-12-05
CVE-2024-11941 Drupal core - Moderately critical - Denial of Service - SA-CORE-2024-001 — Drupal CoreCWE-835 7.5 -2024-12-05
CVE-2024-45440 Drupal 安全漏洞 — Drupal core 5.3AIMediumAI2024-08-29
CVE-2020-13688 Drupal Core 跨站脚本漏洞 — Drupal Core 6.1 -2021-06-11
CVE-2020-13663 Drupal 跨站请求伪造漏洞 — Drupal Core 8.8 -2021-06-11
CVE-2020-13667 Drupal 安全漏洞 — Drupal Core 7.5 -2021-05-17
CVE-2020-13664 Drupal 命令注入漏洞 — Drupal Core 8.8 -2021-05-05
CVE-2020-13662 IBM API Connect 输入验证错误漏洞 — Drupal Core 6.1 -2021-05-05
CVE-2020-13665 Drupal 安全漏洞 — Drupal Core 9.8 -2021-05-05
CVE-2020-13666 Drupal 跨站脚本漏洞 — Drupal Core 6.1 -2021-05-05
CVE-2020-13671 Drupal core 代码问题漏洞 — Drupal Core 8.8 -2020-11-20
CVE-2019-6342 Drupal core - Critical - Access bypass - SA-CORE-2019-008 — Drupal Core 7.5 -2020-05-28
CVE-2019-6341 Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2019-004 — Drupal core 5.4 -2019-03-26
CVE-2019-6340 Drupal core - Highly critical - Remote Code Execution — Drupal Core 8.1 -2019-02-21
CVE-2017-6923 Access bypass in Drupal 8 views — Drupal core 6.5 -2019-01-22
CVE-2019-6339 PHAR stream wrapper Arbitrary PHP code execution — Drupal core 9.8 -2019-01-22

本页汇总了 Drupal 厂商截至目前公开的全部 295 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。