Max CVSS 6.8 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2014-9016 5.0
The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes (aka phpass) module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request.
20-04-2021 - 12:50 24-11-2014 - 15:59
CVE-2014-9015 6.8
Drupal 6.x before 6.34 and 7.x before 7.34 allows remote attackers to hijack sessions via a crafted request, as demonstrated by a crafted request to a server that supports both HTTP and HTTPS sessions.
20-12-2018 - 17:53 24-11-2014 - 15:59
Back to Top Mark selected
Back to Top