Skip to main content

Two Factor Authentication

4 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-7030 PHP MEDIUM PATCH This Month

CVE-2025-7030 is a security vulnerability (CVSS 6.5). Remediation should follow standard vulnerability management procedures.

Information Disclosure Drupal Two Factor Authentication
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-31694 PHP HIGH PATCH This Week

Incorrect Authorization vulnerability in Drupal Two-factor Authentication (TFA) allows Forceful Browsing.0.0 before 1.10.0. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Drupal Two Factor Authentication
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2024-13279 PHP CRITICAL PATCH This Week

Session Fixation vulnerability in Drupal Two-factor Authentication (TFA) allows Session Fixation.0.0 before 1.8.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Drupal Session Fixation Two Factor Authentication
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2024-13239 PHP CRITICAL PATCH This Week

Weak Authentication vulnerability in Drupal Two-factor Authentication (TFA) allows Authentication Abuse.0.0 before 1.5.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Drupal Two Factor Authentication
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-7030 PHP
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

CVE-2025-7030 is a security vulnerability (CVSS 6.5). Remediation should follow standard vulnerability management procedures.

Information Disclosure Drupal Two Factor Authentication
NVD
CVE-2025-31694 PHP
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Incorrect Authorization vulnerability in Drupal Two-factor Authentication (TFA) allows Forceful Browsing.0.0 before 1.10.0. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Drupal Two Factor Authentication
NVD
CVE-2024-13279 PHP
EPSS 0% CVSS 9.8
CRITICAL PATCH This Week

Session Fixation vulnerability in Drupal Two-factor Authentication (TFA) allows Session Fixation.0.0 before 1.8.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Drupal Session Fixation +1
NVD
CVE-2024-13239 PHP
EPSS 0% CVSS 9.8
CRITICAL PATCH This Week

Weak Authentication vulnerability in Drupal Two-factor Authentication (TFA) allows Authentication Abuse.0.0 before 1.5.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Drupal Two Factor Authentication
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy