news aggregator
August 13, 2008
17:27
- Advisory ID: DRUPAL-SA-2008-047
- Project: Drupal core
- Version: 5.x, 6.x
- Date: 2008-August-13
- Security risk: Highly critical
- Exploitable from: Remote
- Vulnerability: Multiple vulnerabilities
Source: Drupal Security Announcements
July 23, 2008
13:58
- Advisory ID: DRUPAL-SA-2008-046
- Project: Drupal core
- Version: 5.x
- Date: 2008-July-23
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Session fixation
Source: Drupal Security Announcements
July 9, 2008
16:08
- Advisory ID: DRUPAL-SA-2008-045
- Project: OpenID (third-party module)
- Version: 5.x
- Date: 2008-July-9
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting, Cross site request forgeries
Source: Drupal Security Announcements
15:24
- Advisory ID: DRUPAL-SA-2008-044
- Project: Drupal core
- Version: 5x, 6.x
- Date: 2008-July-9
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Multiple vulnerabilities
Source: Drupal Security Announcements
July 2, 2008
14:56
- Advisory ID: DRUPAL-SA-2008-043
- Project: Outline designer (third-party module)
- Version: 5.x
- Date: 2008-July-2
- Security risk: Highly critical
- Exploitable from: Remote
- Vulnerability: Privilege escalation
Source: Drupal Security Announcements
14:51
- Advisory ID: DRUPAL-SA-2008-042
- Project: Tinytax taxonomy block (third-party module)
- Version: 5.x
- Date: 2008-July-2
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
Source: Drupal Security Announcements
14:48
- Advisory ID: DRUPAL-SA-2008-041
- Project: Taxonomy autotagger (third-party module)
- Version: 5.x
- Date: 2008-July-2
- Security risk: Critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting and SQL injection
Source: Drupal Security Announcements
14:42
- Advisory ID: DRUPAL-SA-2008-040
- Project: Organic Groups (third-party module)
- Versions: 5.x and 6.x
- Date: 2008-July-02
- Security risk: Less Critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting and information disclosure
Source: Drupal Security Announcements
June 25, 2008
12:53
- Advisory ID: SA-2008-039
- Project: Suggested terms (third-party module)
- Versions: 5.x
- Date: 2008-June-25
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
Source: Drupal Security Announcements
June 18, 2008
15:50
- Advisory ID: DRUPAL-SA-2008-038
- Project: Services (third-party module)
- Versions: 5.x and 6.x
- Date: 2008-June-18
- Security risk: Highly critical
- Exploitable from: Remote
- Vulnerability: Arbitrary code execution
Source: Drupal Security Announcements
15:07
- Advisory ID: DRUPAL-SA-2008-037
- Project: TrailScout (third-party module)
- Version: 5.x
- Date: 2008-June-18
- Security risk: Higly critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting and SQL injection
Source: Drupal Security Announcements
09:15
- Advisory ID: SA-2008-036
- Project: Profile Search (third-party module)
- Versions: 5.x
- Date: 2008-July-18
- Security risk: Critical
- Exploitable from: Remote
- Vulnerability: Multiple vulnerabilities
Source: Drupal Security Announcements
June 11, 2008
13:44
- Advisory ID: SA-2008-035
- Project: Aggregation (third-party module)
- Versions: 5.x
- Date: 2008-June-11
- Security risk: Highly critical
- Exploitable from: Remote
- Vulnerability: Multiple vulnerabilities
Source: Drupal Security Announcements
13:24
- Advisory ID: SA-2008-034
- Project: Node Hierarchy (third-party module)
- Versions: 5.x and 6.x
- Date: 2008-June-11
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Access bypass
Source: Drupal Security Announcements
10:11
- Advisory ID: SA-2008-033
- Project: Taxonomy Image (third-party module)
- Versions: 5.x and 6.x
- Date: 2008-June-11
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Cross site scripting
Source: Drupal Security Announcements
07:16
- Advisory ID: SA-2008-032
- Project: Magic Tabs (third-party module)
- Versions: 5.x
- Date: 2008-June-11
- Security risk: Highly critical
- Exploitable from: Remote
- Vulnerability: Arbitrary code execution
Source: Drupal Security Announcements
06:31
- Advisory ID: SA-2008-031
- Project: Pblog (third-party module)
- Versions: none
- Date: 2008-June-11
- Security risk: Not critical
- Exploitable from: Remote
- Subject: Incorrect vulnerability report
Source: Drupal Security Announcements
May 14, 2008
13:02
- Advisory ID: DRUPAL-SA-2008-030
- Project: Site Documentation (third-party module)
- Versions: 5.x and 6.x
- Date: 2008-May-14
- Security risk: Highly critical
- Exploitable from: Remote
- Vulnerability: Privilege escalation
Source: Drupal Security Announcements
October 18, 2006
16:43
I am using civicspace 0.8.5. Drupal just released three critical cross-site-scripting security advisories (Advisory IDs DRUPAL-SA-2006-024 to 26) - is civicspace vulnerable to these? If so, how can I fix this?
Source: CivicSpace Labs
October 17, 2006
23:36
