Show advisories for only Drupal Core, only contributed projects, or only PSAs

SA-CONTRIB-2012-132 - Announcements - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-132
  • Project: Announcements (third-party module)
  • Version: 6.x
  • Date: 2012-August-29
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x

SA-CONTRIB-2012-131 - Email Field - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-131
  • Project: Email Field (third-party module)
  • Version: 6.x, 7.x
  • Date: 2012-August-29
  • Security risk: Less critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2012-130 - Jstool - Multiple Vulnerabilities

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-130
  • Project: Javascript Tool (third-party module)
  • Version: 7.x
  • Date: 2012-August-29
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities
Categories: Drupal 7.x

SA-CONTRIB-2012-129 - Activism - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-129
  • Project: Activism (third-party module)
  • Version: 6.x
  • Date: 2012-08-29
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access Bypass
Categories: Drupal 6.x

SA-CONTRIB-2012-128 - Elegant Theme - Cross Site Scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-128
  • Project: Elegant Theme (third-party module)
  • Version: 7.x
  • Date: 2012-August-15
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 7.x

SA-CONTRIB-2012-127 - Custom Publishing Options - Cross Site Scripting (XSS) Vulnerability

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-127
  • Project: Custom Publishing Options (third-party module)
  • Version: 6.x
  • Date: 2012-August-15
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting
Categories: Drupal 6.x

SA-CONTRIB-2012-126 - Hotblocks - Cross Site Scripting (XSS) and Denial of Service (DoS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-126
  • Project: HotBlocks (third-party module)
  • Version: 6.x
  • Date: 2012-August-15
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting, Multiple vulnerabilities
Categories: Drupal 6.x

SA-CONTRIB-2012-125 - Chaos tool suite (ctools) - Local File Inclusion and Cross Site Scripting (XSS)

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-125
  • Project: Chaos tool suite (ctools) (third-party module)
  • Version: 6.x, 7.x
  • Date: 2012-August-8
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Local File Inclusion and Cross Site Scripting
Categories: Drupal 6.x, Drupal 7.x

SA-CONTRIB-2012-124 - Mime Mail - Access Bypass

By Drupal Security Team on
  • Advisory ID: DRUPAL-SA-CONTRIB-2012-124
  • Project: Mime Mail (third-party module)
  • Version: 6.x
  • Date: 2012-August-8
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass
Categories: Drupal 6.x

SA-CONTRIB-2012-123 - Shibboleth authentication - Access Bypass

By Drupal Security Team on
Categories: Drupal 6.x

Pages

Subscribe with RSS Subscribe to Security advisories