Security advisories

Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2010-020 - Facebook-style Statuses (Microblog) - Access bypass

By Drupal Security Team on 24 Feb 2010 at 22:26 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-020
Project: Facebook-style Statuses (Microblog) (third-party module)
Version: 6.x-2.x
Date: 2010-February-24
Security risk: Not Critical
Exploitable from: Remote
Vulnerability: Access bypass

SA-CONTRIB-2010-019 - Weekly Archive by Node Type - Access Bypass

By Drupal Security Team on 24 Feb 2010 at 16:17 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-019
Project: Weekly Archive by Node Type (third-party module)
Version: 6.x-2.x
Date: 2010-February-24
Security risk: Less Critical
Exploitable from: Remote
Vulnerability: Access Bypass

SA-CONTRIB-2010-018 - Content Distribution - Multiple Vulnerabilities

By Drupal Security Team on 17 Feb 2010 at 22:37 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-018
Project: Content Distribution (third-party module)
Version: 6.x
Date: 2010 February 17
Security risk: Moderately Critical
Exploitable from: Remote
Vulnerability: Mulitple Vulnerabilities

SA-CONTRIB-2010-017 - iTweak Upload - Cross Site Scripting

By Drupal Security Team on 17 Feb 2010 at 18:19 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-017
Project: iTweak Upload (third-party module)
Version: 6.x
Date: 2010 February 17
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-016 - Graphviz Filter - arbitrary code execution

By Drupal Security Team on 10 Feb 2010 at 23:11 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-016
Project: Graphviz Filter (third-party module)
Version: 6.x, 5.x
Date: 2010 February 10
Security risk: Highly critical
Exploitable from: Remote
Vulnerability: Arbitrary code execution

SA-CONTRIB-2010-015 - Signwriter - Arbitrary code execution

By Drupal Security Team on 3 Feb 2010 at 20:03 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-015
Project: Signwriter (third-party module)
Version: 5.x, 6.x
Date: 2010-February-3
Security risk: Critical
Exploitable from: Remote
Vulnerability: Arbitrary code execution

SA-CONTRIB-2010-014 - Node Export - Arbitrary code execution

By Drupal Security Team on 3 Feb 2010 at 19:01 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-014
Project: Node Export (third-party module)
Version: 5.x, 6.x
Date: 2010-February-3
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Arbitrary code execution

SA-CONTRIB-2010-013 - Menu Breadcrumb - Cross site scripting

By Drupal Security Team on 3 Feb 2010 at 16:19 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-013
Project: Menu Breadcrumb (third-party module)
Version: 6.x
Date: 2010-February-03
Security risk: Less critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-012 - ODF Import - Access Bypass (possible Cross Site Scripting)

By greggles on 3 Feb 2010 at 15:44 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-012
Project: ODF Import (third-party module)
Version: 6.x-1.0
Date: 2010-February-3
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

SA-CONTRIB-2010-011 - Feedback - Cross Site Scripting

By Drupal Security Team on 27 Jan 2010 at 22:50 UTC

Advisory ID: DRUPAL-SA-CONTRIB-2010-011
Project: Feedback (third-party module)
Version: 5.x, 6.x
Date: 2010-January-27
Security risk: Moderately critical
Exploitable from: Remote
Vulnerability: Cross Site Scripting

Pages

Subscribe with RSS