Filter
AND
AND
MagentoPRODSECBUG-2376: Remote code execution through crafted page layout and image data
8.8
First published (updated )
MagentoPRODSECBUG-2446: Remote code execution via custom layout update in create product functionality
8.8
First published (updated )
MagentoPRODSECBUG-2414: Remote code execution through custom layout update of the content management functi…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MagentoPRODSECBUG-2332: Remote code execution through arbitrary file inclusion
8.8
First published (updated )
MagentoPRODSECBUG-2470: Remote Code Execution in email templates
8.8
First published (updated )
MagentoPRODSECBUG-2469: Remote Code Execution in email templates
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/magento/product-community-editionPRODSECBUG-2232: Arbitrary code execution via layout manipulation
8.8
First published (updated )
Adobe CommerceMagento Commerce Improper Input Validation Could Lead To Information Exposure and Privilege Escalation
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Adobe Magento CommerceAdobe Commerce Improper Limitation of a Pathname to a Restricted Directory Arbitrary code execution
8.8
First published (updated )
Adobe Magento CommerceAdobe Commerce Improper Access Control Privilege escalation
8.8
First published (updated )
Adobe CommerceMagento Commerce Authenticated Blind SSRF Could Lead To Remote Code Execution
8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MagentoPRODSECBUG-2456: Broken authentication and session managememt
7.5
First published (updated )
composer/magento/community-editionInfoleak, Input Validation
7.5
First published (updated )
composer/magento/community-editionPRODSECBUG-2325: Denial-of-service by forcing a store to respond with a 404 error
7.5
First published (updated )
composer/magento/community-editionPRODSECBUG-2347: Insufficient brute-forcing defenses in the token exchange protocol could be abused …
7.5
First published (updated )
MagentoPRODSECBUG-2465: Bypass of user confirmation mechanism
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
composer/magento/community-editionPRODSECBUG-2429: Insecure object reference via customer REST API
7.5
First published (updated )
composer/magento/community-editionPRODSECBUG-2276: Insecure Direct Object Reference (IDOR) vulnerability can expose order shipping det…
7.5
First published (updated )
MagentoPRODSECBUG-2095: Defense-in-depth session validation check implemented
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.