Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2010-107 - Services - Access bypass

By Drupal Security Team on 2 Dec 2010 at 02:20 UTC

DRUPAL-SA-CONTRIB-2010-107
Project: Services (third-party module)
Version: 6.x
Date: 2010-Dec-01
Security risk: Critical
Exploitable from: Remote
Vulnerability: Access Bypass

SA-CONTRIB-2010-106 - Comment Edited - Cross Site Scripting

By Drupal Security Team on 1 Dec 2010 at 19:40 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-106
Project: Comment Edited (third-party module)
Version: 6.x
Date: 2010-Dec-01
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-105 - Outline Designer - Cross Site Request Forgery

By Drupal Security Team on 1 Dec 2010 at 18:26 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-105
Project: Outline Designer (third-party module)
Version: 6.x
Date: 2010-December-01
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross-site Request Forgery

SA-CONTRIB-2010-104 - Relevant Content - Information Disclosure

By Drupal Security Team on 18 Nov 2010 at 02:18 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-104
Project: Relevant Content (third-party module)
Version: 5.x, 6.x
Date: 2010-November-17
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Information Disclosure

SA-CONTRIB-2010-103 - Node Relativity - Multiple vulnerabilities

By Drupal Security Team on 11 Nov 2010 at 04:28 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-103
Project: Node Relativity (third-party module)
Version: 5.x, 6.x
Date: 2010-November-10
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross-Site Scripting, Cross Site Request Forgery, Access bypass

SA-CONTRIB-2010-102 - Category tokens - Cross Site Scripting

By Drupal Security Team on 10 Nov 2010 at 20:48 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-102
Project: Category tokens (third-party module)
Version: 6.x
Date: 2010-November-10
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross-Site Scripting

SA-CONTRIB-2010-101 - Watcher - Multiple Vulnerabilities

By Drupal Security Team on 28 Oct 2010 at 04:53 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-101
Project: Watcher
Version: 5.x, 6.x
Date: 2010-October-27
Security risk: Critical
Exploitable from: Remote
Vulnerability: Cross-site Scripting and Cross-site Request Forgery

SA-CONTRIB-2010-100 - Ubuntu Drupal Theme - Directory traversal and information disclosure

By Drupal Security Team on 20 Oct 2010 at 18:47 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-100
Projects: Ubuntu Drupal Theme - Brown
Version: 5.x, 6.x
Date: 2010-October-20
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Directory traversal and information disclosure

SA-CONTRIB-2010-099 - Views Bulk Operations - Access Bypass

By Drupal Security Team on 6 Oct 2010 at 21:32 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-099
Project: Views Bulk Operations (third-party module)
Version: 6.x
Date: 2010-October-6
Security risk: Not critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2010-098 - Memcache - Multiple vulnerabilities

By Drupal Security Team on 29 Sep 2010 at 23:53 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-098
Project: memcache (third-party module)
Version: 5.x, 6.x
Date: 2010-September-29
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Access bypass, Cross-Site Scripting

Description

The Memcache project provides an alternative cache backend which works with memcached program to speed up high traffic sites.

Pages

Subscribe with RSS