Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2010-087 - GovDelivery - Cross site scripting

By Drupal Security Team on 11 Aug 2010 at 22:36 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-087
Project: GovDelivery Integration (third-party module)
Version: 6.x
Date: 2010-Aug-11
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross site scripting

SA-CONTRIB-2010-086 - Prepopulate - Access Bypass

By Drupal Security Team on 11 Aug 2010 at 22:35 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-086
Project: Prepopulate (third-party module)
Version: 5.x and 6.x
Date: 2010-Aug-11
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Access Bypass

SA-CONTRIB-2010-085 - Pathauto - Cross Site Scripting

By Drupal Security Team on 11 Aug 2010 at 20:31 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-085
Project: Pathauto (third-party module)
Version: 5.x, 6.x
Date: 2010-August-11
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-084 - OpenID - Authentication bypass

By Drupal Security Team on 11 Aug 2010 at 19:55 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-084
Project: OpenID (third-party module)
Version: 5.x
Date: 2010-Aug-11
Security risk: Critical
Exploitable from: Remote
Vulnerability: Authentication bypass

SA-CORE-2010-002 - Drupal core - Multiple vulnerabilities

By Drupal Security Team on 11 Aug 2010 at 19:53 UTC

Advisory ID: DRUPAL-SA-CORE-2010-002
Project: Drupal core
Version: 5.x, 6.x
Date: 2010-August-11
Security risk: Critical
Exploitable from: Remote
Vulnerability: Multiple vulnerabilities

SA-CONTRIB-2010-083 - Ubercart sub-modules - Multiple Vulnerabilities

By Drupal Security Team on 11 Aug 2010 at 18:39 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-083
Project: UC2Checkout, UCPaypal, UC Cart LInks (third-party modules in the Ubercart Project)
Version: 5.x, 6.x
Date: 2010-Aug-11
Security risk: Critical
Exploitable from: Remote
Vulnerability: Access Bypass, Cross Site Request Forgery

SA-CONTRIB-2010-082 - Print - Local file read access

By Drupal Security Team on 11 Aug 2010 at 18:35 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-082
Project: Printer, e-mail and PDF versions (third-party module)
Version: 5.x, 6.x
Date: 2010-August-11
Security risk: Critical
Exploitable from: Remote
Vulnerability: Local file read access

SA-CONTRIB-2010-081 - FileField Sources - Arbitrary Code Execution

By Drupal Security Team on 11 Aug 2010 at 18:31 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-081
Project: FileField Sources (third-party module)
Version: 6.x
Date: 2010-August-11
Security risk: Critical
Exploitable from: Remote
Vulnerability: Arbitrary Code Execution

SA-CONTRIB-2010-080 - Privatemsg - Cross Site Scripting

By Drupal Security Team on 11 Aug 2010 at 13:07 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-080
Project: Privatemsg (third-party module)
Version: 6.x
Date: 2010-August-11
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross-Site Scripting

SA-CONTRIB-2010-079 - Devel (Performance logging) - Cross Site Scripting

By kbahey on 4 Aug 2010 at 22:39 UTC

Advisory ID: SA-CONTRIB-2010-079
Project: Devel (third-party module)
Version: 5.x, 6.x
Date: 2010-Aug-04
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS