These posts by the Drupal security team are also sent to the security announcements e-mail list.
SA-CORE-2013-002 - Drupal core - Denial of service
- Advisory ID: DRUPAL-SA-CORE-2013-002
- Project: Drupal core
- Version: 7.x
- Date: 2013-February-20
- Security risk: Critical
- Exploitable from: Remote
- Vulnerability: Denial of service
SA-CORE-2013-001 - Drupal core - Multiple vulnerabilities
- Advisory ID: DRUPAL-SA-CORE-2013-001
- Project: Drupal core
- Version: 6.x, 7.x
- Date: 2013-January-16
- Security risk: Highly critical
- Exploitable from: Remote
- Vulnerability: Cross Site Scripting, Access bypass
SA-CORE-2012-004 - Drupal core - Multiple vulnerabilities
- Advisory ID: DRUPAL-SA-CORE-2012-004
- Project: Drupal core
- Version: 6.x, 7.x
- Date: 2012-December-19
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Access bypass, Arbitrary PHP code execution
SA-CORE-2012-003 - Drupal core - Arbitrary PHP code execution and Information disclosure
- Advisory ID: DRUPAL-SA-CORE-2012-003
- Project: Drupal core
- Version: 7.x
- Date: 2012-October-17
- Security risk: Highly critical
- Exploitable from: Remote
- Vulnerability: Information Disclosure, Arbitrary PHP code execution
SA-CORE-2012-002 - Drupal core multiple vulnerabilities
- Advisory ID: DRUPAL-SA-CORE-2012-002
- Project: Drupal core
- Version: 7.x
- Date: 2012-May-2
- Security risk: Critical
- Exploitable from: Remote
- Vulnerability: Denial of Service, Access bypass, Unvalidated form redirect
SA-CORE-2012-001 - Drupal core multiple vulnerabilities
- Advisory ID: DRUPAL-SA-CORE-2012-001
- Project: Drupal core
- Version: 6.x, 7.x
- Date: 2012-February-01
- Security risk: Moderately critical
- Exploitable from: Remote
- Vulnerability: Access bypass, Cross Site Request Forgery, Multiple vulnerabilities
SA-CORE-2011-003 - Drupal core - Access bypass
- Advisory ID: DRUPAL-SA-CORE-2011-003
- Project: Drupal core
- Version: 7.x
- Date: 2011-July-27
- Security risk: Less critical
- Exploitable from: Remote
- Vulnerability: Access bypass
SA-CORE-2011-002 - Drupal core - Access bypass
- Advisory ID: DRUPAL-SA-CORE-2011-002
- Project: Drupal core
- Version: 7.x
- Date: 2011-JUNE-29
- Security risk: Highly critical
- Exploitable from: Remote
- Vulnerability: Access bypass
SA-CORE-2011-001 - Drupal core - Multiple vulnerabilities
- Advisory ID: DRUPAL-SA-CORE-2011-001
- Project: Drupal core
- Version: 6.x, 7.x
- Date: 2011-May-25
- Security risk: Critical
- Exploitable from: Remote
- Vulnerability: Access bypass, Cross Site Scripting
SA-CORE-2010-002 - Drupal core - Multiple vulnerabilities
- Advisory ID: DRUPAL-SA-CORE-2010-002
- Project: Drupal core
- Version: 5.x, 6.x
- Date: 2010-August-11
- Security risk: Critical
- Exploitable from: Remote
- Vulnerability: Multiple vulnerabilities