Filter
AND

MagentoMagento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4…

critical
10
First published (updated )
CVE-2020-9631

MagentoMagento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4…

critical
10
First published (updated )
CVE-2020-9632

MagentoMagento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlie…

critical
10
First published (updated )
CVE-2020-3716

MagentoMagento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlie…

critical
10
First published (updated )
CVE-2020-3718

MagentoPRODSECBUG-2447: Using JS libraries with known security vulnerabilities

critical
9.8
First published (updated )
CVE-2019-8121

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

MagentoPRODSECBUG-2390: Broken authentication and session managememt

critical
9.8
First published (updated )
CVE-2019-8149

MagentoPRODSECBUG-2416: Using vulnerable component that provides abstraction of HTTP specification

critical
9.8
First published (updated )
CVE-2019-8136

MagentoPRODSECBUG-2272: XPath Injection via front end rendering functionality

critical
9.8
First published (updated )
CVE-2019-8158

MagentoPRODSECBUG-2403: Remote code execution through crafted PageBuilder templates

critical
9.8
First published (updated )
CVE-2019-8144

MagentoPRODSECBUG-2417: Remote code execution via vulnerable Symphony dependecy injection

critical
9.8
First published (updated )
CVE-2019-8135

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

MagentoXSS, CSRF, SQL Injection

critical
9.8
First published (updated )
CVE-2019-7139

Adobe CommerceMagento Commerce XML Injection Vulnerability In The 'City' Field Could Lead To Remote Code Execution

critical
9.8
First published (updated )
CVE-2021-36020

MagentoMagento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4…

critical
9.8
First published (updated )
CVE-2020-9630

MagentoMagento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4…

critical
9.8
First published (updated )
CVE-2020-9585

MagentoCommand Injection, OS Command Injection

critical
9.8
First published (updated )
CVE-2020-9576

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

MagentoMagento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4…

critical
9.8
First published (updated )
CVE-2020-9580

MagentoCommand Injection, OS Command Injection

critical
9.8
First published (updated )
CVE-2020-9583

MagentoMagento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4…

critical
9.8
First published (updated )
CVE-2020-9579

MagentoCommand Injection, OS Command Injection

critical
9.8
First published (updated )
CVE-2020-9578

MagentoOS Command Injection, Command Injection

critical
9.8
First published (updated )
CVE-2020-9582

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Adobe Magento CommerceAdobe Commerce Improper Authorization Privilege escalation

critical
9.8
First published (updated )
CVE-2022-34256

Adobe CommerceMagento Commerce Improper Input Validation Could Lead To Remote Code Execution

critical
9.1
First published (updated )
CVE-2021-36034

Adobe CommerceMagento Commerce Customer Edition Improper Input Validation Could Lead To Remote Code Execution

critical
9.1
First published (updated )
CVE-2021-36025

Adobe CommerceMagento Commerce Stock Media Improper Input Validation Could Lead To Remote Code Execution

critical
9.1
First published (updated )
CVE-2021-36035

Adobe CommerceMagento Commerce Widgets Module XML Injection Vulnerability Could Lead To Remote Code Execution

critical
9.1
First published (updated )
CVE-2021-36033

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Adobe CommerceMagento Commerce Improper Authorization Vulnerability Could Lead To Remote Code Execution

critical
9.1
First published (updated )
CVE-2021-36029

Adobe CommerceMagento Commerce Improper Neutralization of Special Elements Used In A Command

critical
9.1
First published (updated )
CVE-2021-36024

Adobe CommerceMagento Commerce Widgets Update Layout XML Injection Vulnerability Could Lead To Remote Code Execution

critical
9.1
First published (updated )
CVE-2021-36022

Adobe CommerceMagento Commerce XML Injection Vulnerability Could Lead To Remote Code Execution

critical
9.1
First published (updated )
CVE-2021-36028

Adobe CommerceMagento Commerce Improper Input Validation Could Lead To Remote Code Execution

critical
9.1
First published (updated )
CVE-2021-36040

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203