These posts by the Drupal security team are also sent to the security announcements e-mail list.
SA-2008-073 - Drupal core - Multiple vulnerabilities
Posted by Gábor Hojtsy on December 10, 2008 at 9:42pm
- Advisory ID: DRUPAL-SA-2008-073
- Project: Drupal core
- Versions: 5.x and 6.x
- Date: 2008-December-10
- Security risk: Moderately Critical
- Exploitable from: Remote
- Vulnerability: Multiple vulnerabilities
SA-2008-067 - Drupal core - Multiple vulnerabilities
Posted by Gábor Hojtsy on October 22, 2008 at 7:06pm
- Advisory ID: DRUPAL-SA-2008-067
- Project: Drupal core
- Versions: 5.x and 6.x
- Date: 2008-October-22
- Security risk: Less Critical
- Exploitable from: Local/Remote
- Vulnerability: Multiple vulnerabilities
SA-2008-060 - Drupal core - Multiple vulnerabilities
Posted by Gábor Hojtsy on October 8, 2008 at 9:43pm
- Advisory ID: DRUPAL-SA-2008-060
- Project: Drupal core
- Versions: 5.x and 6.x
- Date: 2008-October-8
- Security risk: Critical
- Exploitable from: Remote
- Vulnerability: Multiple vulnerabilities
SA-2008-047 - Drupal core - Multiple vulnerabilities
Posted by Heine on August 13, 2008 at 11:27pm
- Advisory ID: DRUPAL-SA-2008-047
- Project: Drupal core
- Version: 5.x, 6.x
- Date: 2008-August-13
- Security risk: Highly critical
- Exploitable from: Remote
- Vulnerability: Multiple vulnerabilities
SA-2008-046 - Drupal core - Session fixation
Posted by Heine on July 23, 2008 at 7:58pm
- Advisory ID: DRUPAL-SA-2008-046
- Project: Drupal core
- Version: 5.x
- Date: 2008-July-23
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Session fixation
SA-2008-044 - Drupal core - Multiple vulnerabilities
Posted by Heine on July 9, 2008 at 9:24pm
- Advisory ID: DRUPAL-SA-2008-044
- Project: Drupal core
- Version: 5x, 6.x
- Date: 2008-July-9
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Multiple vulnerabilities
SA-2008-026 - Drupal core - Access bypass
Posted by Heine on April 9, 2008 at 8:25pm
- Advisory ID: DRUPAL-SA-2008-026
- Project: Drupal core
- Version: 6.x
- Date: 2008-April-09
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Access bypass
SA-2008-018 - Drupal core - Cross site scripting
Posted by Gábor Hojtsy on February 27, 2008 at 7:23pm
- Advisory ID: DRUPAL-SA-2008-018
- Project: Drupal core
- Version: 6.0
- Date: 2008-February-27
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Multiple cross site scripting vulnerabilities
SA-2008-007 - Drupal core - Cross site scripting (register_globals)
Posted by Heine on January 10, 2008 at 9:03pm
- Advisory ID: DRUPAL-SA-2008-007
- Project: Drupal core
- Version: 4.7.x, 5.x
- Date: 2008-January-10
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting when register_globals is enabled.
SA-2008-006 - Drupal core - Cross site scripting (UTF8)
Posted by Heine on January 10, 2008 at 9:02pm
- Advisory ID: DRUPAL-SA-2008-006
- Project: Drupal core
- Version: 4.7.x, 5.x
- Date: 2008-January-10
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
Subscribe with RSS 