Drupal Forewarns ‘Highly Critical’ Bug to be Patched Next Week https://threatpost.com/drupal-forewarns-highly-critical-bug-to-be-patched-next-week
Exploitation of Drupalgeddon2 Flaw Starts After Publication of PoC Code April 13, 2018 https://www.bleepingcomputer.com/ne...n2-flaw-starts-after-publication-of-poc-code/
Hackers Don't Give Site Owners Time to Patch, Start Exploiting New Drupal Flaw Within Hours April 25, 2018 https://www.bleepingcomputer.com/ne...tart-exploiting-new-drupal-flaw-within-hours/
Over 115,000 Drupal Sites still vulnerable to Drupalgeddon2, a gift to crooks Two months after the release of the security updates for the drupalgeddon2 flaw, experts continue to see vulnerable websites running on flawed versions of Drupal that hasn’t installed security patches. June 5, 2018 https://securityaffairs.co/wordpress/73219/hacking/drupalgeddon2-vulnerable-sites.html
Drupal core - Highly critical - Remote Code Execution - SA-CORE-2019-003 February 20, 2019 https://www.drupal.org/sa-core-2019-003
Recently disclosed Drupal CVE-2019-6340 RCE flaw exploited in the wild February 26, 2019 https://securityaffairs.co/wordpress/81684/breaking-news/drupal-vulnerability-cve-2019-6340.html
Drupal core - Moderately critical - Third-party libraries - SA-CORE-2019-007 May 8, 2019 https://www.drupal.org/sa-core-2019-007
Drupal Releases Security Update July 17, 2019 https://www.us-cert.gov/ncas/current-activity/2019/07/17/drupal-releases-security-update
Drupal Security Updates (December 18, 2019) Drupal core - Critical - Multiple vulnerabilities - SA-CORE-2019-012 Drupal core - Moderately critical - Access bypass - SA-CORE-2019-011 Drupal core - Moderately critical - Multiple vulnerabilities - SA-CORE-2019-010 Drupal core - Moderately critical - Denial of Service - SA-CORE-2019-009
Drupal core - Moderately critical - Third-party library - SA-CORE-2020-001 March 18, 2020 https://www.drupal.org/sa-core-2020-001
Drupal Security Updates (May 20, 2020) Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2020-002 Drupal core - Moderately critical - Open Redirect - SA-CORE-2020-003