Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2010-109 - Embedded Media Field, Media: Video Flotsam, Media: Audio Flotsam - Multiple Vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-109
  • Projects: Embedded Media Field, Media: Video Flotsam, Media: Audio Flotsam (third-party module)
  • Version: 5.x and 6.x
  • Date: 2010-December-08
  • Security risk: Moderately Critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-108 - Who Bought What|Ubercart - Multiple Vulnerabilities

By Drupal Security Team on
  • DRUPAL-SA-CONTRIB-2010-108
  • Project: Who Bought What|Ubercart (third-party module)
  • Version: 6.x
  • Date: 2010-Dec-08
  • Security risk: Highly Critical
  • Exploitable from: Remote
  • Vulnerability: Multiple Vulnerabilities
Categories: Drupal 6.x

SA-CONTRIB-2010-107 - Services - Access bypass

By Drupal Security Team on
  • DRUPAL-SA-CONTRIB-2010-107
  • Project: Services (third-party module)
  • Version: 6.x
  • Date: 2010-Dec-01
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Access Bypass
Categories: Drupal 6.x

SA-CONTRIB-2010-106 - Comment Edited - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-106
  • Project: Comment Edited (third-party module)
  • Version: 6.x
  • Date: 2010-Dec-01
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2010-105 - Outline Designer - Cross Site Request Forgery

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-105
  • Project: Outline Designer (third-party module)
  • Version: 6.x
  • Date: 2010-December-01
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross-site Request Forgery
Categories: Drupal 6.x

SA-CONTRIB-2010-104 - Relevant Content - Information Disclosure

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-104
  • Project: Relevant Content (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-November-17
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Information Disclosure
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-103 - Node Relativity - Multiple vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-103
  • Project: Node Relativity (third-party module)
  • Version: 5.x, 6.x
  • Date: 2010-November-10
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Cross-Site Scripting, Cross Site Request Forgery, Access bypass
Categories: Drupal 5.x, Drupal 6.x

SA-CONTRIB-2010-102 - Category tokens - Cross Site Scripting

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-102
  • Project: Category tokens (third-party module)
  • Version: 6.x
  • Date: 2010-November-10
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Cross-Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2010-101 - Watcher - Multiple Vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-101
  • Project: Watcher
  • Version: 5.x, 6.x
  • Date: 2010-October-27
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Cross-site Scripting and Cross-site Request Forgery

SA-CONTRIB-2010-100 - Ubuntu Drupal Theme - Directory traversal and information disclosure

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2010-100
  • Projects: Ubuntu Drupal Theme - Brown
  • Version: 5.x, 6.x
  • Date: 2010-October-20
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Directory traversal and information disclosure
Categories: Drupal 5.x, Drupal 6.x

Pages

Subscribe with RSS Subscribe to Security advisories