Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2014-035 - CAS Server - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-035
  • Project: CAS (third-party module)
  • Version: 6.x, 7.x
  • Date: 2014-April-02
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2014-034 - Custom Search - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-034
  • Project: Custom Search (third-party module)
  • Version: 6.x, 7.x
  • Date: 2014-April-02
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2014-033 - Nivo Slider - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-033
  • Project: Nivo Slider (third-party module)
  • Version: 7.x
  • Date: 2014-March-19
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 7.x

SA-CONTRIB-2014-032 - Xapian integration - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-032
  • Project: Xapian integration (third-party module)
  • Version: 6.x, 7.x
  • Date: 2014-March-19
  • Security risk: Not critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass

SA-CONTRIB-2014-031 - Webform Template - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-031
  • Project: Webform Template (third-party module)
  • Version: 7.x
  • Date: 2014-March-12
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Access Bypass

SA-CONTRIB-2014-030 - SexyBookmarks - Information Disclosure

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-030
  • Project: SexyBookmarks (third-party module)
  • Version: 6.x
  • Date: 2014-March-12
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Information Disclosure
Categories: Drupal 6.x

SA-CONTRIB-2014-029 - Mime Mail - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-029
  • Project: Mime Mail (third-party module)
  • Version: 6.x, 7.x
  • Date: 2014-March-05
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2014-028 - Masquerade - Access bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-028
  • Project: Masquerade (third-party module)
  • Version: 6.x, 7.x
  • Date: 2014-March-05
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2014-027 - NewsFlash Theme - XSS

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-027
  • Project: NewsFlash (third-party theme)
  • Version: 6.x, 7.x
  • Date: 2014-March-05
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2014-026 - Mime Mail - Access bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2014-026
  • Project: Mime Mail (third-party module)
  • Version: 6.x, 7.x
  • Date: 2014-February-26
  • Security risk: Not critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x, Drupal 7.x

Pages

Subscribe with RSS Subscribe to Security advisories