These posts by the Drupal security team are also sent to the security announcements e-mail list.

SA-CORE-2014-001 - Drupal core - Multiple vulnerabilities

  • Advisory ID: DRUPAL-SA-CORE-2014-001
  • Project: Drupal core
  • Version: 6.x, 7.x
  • Date: 2014-January-15
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities

SA-CORE-2013-003 - Drupal core - Multiple vulnerabilities

  • Advisory ID: DRUPAL-SA-CORE-2013-003
  • Project: Drupal core
  • Version: 6.x, 7.x
  • Date: 2013-November-20
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Multiple vulnerabilities

SA-CORE-2013-002 - Drupal core - Denial of service

  • Advisory ID: DRUPAL-SA-CORE-2013-002
  • Project: Drupal core
  • Version: 7.x
  • Date: 2013-February-20
  • Security risk: Critical
  • Exploitable from: Remote
  • Vulnerability: Denial of service

SA-CORE-2013-001 - Drupal core - Multiple vulnerabilities

  • Advisory ID: DRUPAL-SA-CORE-2013-001
  • Project: Drupal core
  • Version: 6.x, 7.x
  • Date: 2013-January-16
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Cross Site Scripting, Access bypass

SA-CORE-2012-004 - Drupal core - Multiple vulnerabilities

  • Advisory ID: DRUPAL-SA-CORE-2012-004
  • Project: Drupal core
  • Version: 6.x, 7.x
  • Date: 2012-December-19
  • Security risk: Moderately critical
  • Exploitable from: Remote
  • Vulnerability: Access bypass, Arbitrary PHP code execution

SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure

  • Advisory ID: DRUPAL-SA-CORE-2012-003
  • Project: Drupal core
  • Version: 7.x
  • Date: 2012-October-17
  • Security risk: Highly critical
  • Exploitable from: Remote
  • Vulnerability: Information Disclosure, Arbitrary PHP code execution

Pages

Subscribe with RSS Subscribe to RSS - Security advisories for Drupal core