Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2013-068 - Entity API - Access Bypass

By Drupal Security Team on 14 Aug 2013 at 15:24 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-068
Project: Entity API (third-party module)
Version: 7.x
Date: 2013-August-14
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2013-067 - BOTCHA - Information Disclosure (potential Privilege Escalation)

By Drupal Security Team on 14 Aug 2013 at 13:07 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-067
Project: BOTCHA Spam Prevention (third-party module)
Version: 7.x
Date: 2013-August-14
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Information Disclosure

SA-CONTRIB-2013-066 - Monster Menus - Multiple Vulnerabilities

By Drupal Security Team on 7 Aug 2013 at 19:41 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-066
Project: Monster Menus (third-party module)
Version: 6.x, 7.x
Date: 2013-August-07
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2013-065 - Organic Groups - Access Bypass

By Drupal Security Team on 7 Aug 2013 at 18:20 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-065
Project: Organic groups (third-party module)
Version: 7.x
Date: 2013-August-07
Security risk: Critical
Exploitable from: Remote
Vulnerability: Access bypass, Multiple vulnerabilities

SA-CONTRIB-2013-064 - Persona - Cross site request forgery (CSRF)

By Drupal Security Team on 7 Aug 2013 at 15:25 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-064
Project: Mozilla Persona (third-party module)
Version: 7.x
Date: 2013-August-07
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Request Forgery

SA-CONTRIB-2013-063 - Authenticated User Page Caching (Authcache) - Information Disclosure

By Drupal Security Team on 7 Aug 2013 at 15:25 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-063
Project: Authenticated User Page Caching (Authcache) (third-party module)
Version: 7.x
Date: 2013-August-07
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Information Disclosure

SA-CONTRIB-2013-062 - RESTful Web Services (RESTWS) - Access Bypass

By Drupal Security Team on 7 Aug 2013 at 15:24 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-062
Project: RESTful Web Services (third-party module)
Version: 7.x
Date: 2013-August-07
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2013-061 - Flippy - Access Bypass

By Drupal Security Team on 31 Jul 2013 at 15:02 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-061
Project: Flippy (third-party module)
Version: 7.x
Date: 2013-July-31
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2013-060 - Scald - Cross Site Scripting (XSS)

By Drupal Security Team on 24 Jul 2013 at 15:25 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-060
Project: Scald (third-party module)
Version: 6.x, 7.x
Date: 2013-July-24
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2013-059 - Hostmaster (Aegir) - Access Bypass

By Drupal Security Team on 17 Jul 2013 at 18:56 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2013-059
Project: Hostmaster (Aegir) (third-party module)
Version: 6.x
Date: 2013-July-17
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass

Pages

Subscribe with RSS