Filters

Software

magento magento
36
magento advanced newsletter
1

Magento MagentoMagento Commerce Widgets Update Layout XML Injection Vulnerability Could Lead To Remote Code Execution

critical
9.1
First published (updated )
CVE-2021-36023

Adobe CommerceAdobe Commerce XML Injection Arbitrary code execution

critical
9.1
First published (updated )
CVE-2022-34253

Adobe CommerceAdobe Commerce Improper Authorization Privilege escalation

critical
9.8
First published (updated )
CVE-2022-34256

Adobe CommerceAdobe Commerce and Magento Open Source Improper Input Validation Vulnerability

critical
10
Exploited
First published (updated )
CVE-2022-24086

Magento MagentoMagento Commerce Arbitrary Folder Empty Could Lead To Arbitrary Code Execution

critical
9.1
First published (updated )
CVE-2021-21014

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Magento MagentoMagento Commerce Unauthorized Data Modification Could Lead to Arbitrary Code Execution

critical
9.1
First published (updated )
CVE-2021-21016

Magento MagentoMagnto Commerce Unauthorized Data Modification Could Lead To Arbitrary Code Execution

critical
9.1
First published (updated )
CVE-2021-21018

Magento MagentoMagento Commerce XML Injection Could Lead To Arbitrary Code Execution

critical
9.1
First published (updated )
CVE-2021-21025

Magento MagentoMagento Commerce XML Injection Could Lead To Remote Code Execution

critical
9.1
First published (updated )
CVE-2021-21019

Magento MagentoMagento Commerce Blind SQL Injection Could Lead To Unauthorized Access

critical
9.1
First published (updated )
CVE-2021-21024

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Magento MagentoArbitrary code execution via file import functionality

critical
9.1
First published (updated )
CVE-2020-24407

Magento MagentoXSS

critical
9.6
First published (updated )
CVE-2020-9691

Magento MagentoCode Injection

critical
9.8
First published (updated )
CVE-2020-9664

Magento MagentoCommand Injection, OS Command Injection

critical
9.8
First published (updated )
CVE-2020-9576

Magento MagentoCommand Injection, OS Command Injection

critical
9.8
First published (updated )
CVE-2020-9578

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Magento MagentoMagento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4…

critical
10
First published (updated )
CVE-2020-9631

Magento MagentoMagento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4…

critical
9.8
First published (updated )
CVE-2020-9630

Magento MagentoMagento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4…

critical
10
First published (updated )
CVE-2020-9632

Magento MagentoMagento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4…

critical
9.8
First published (updated )
CVE-2020-9580

Magento MagentoCommand Injection, OS Command Injection

critical
9.8
First published (updated )
CVE-2020-9582

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Magento MagentoCommand Injection, OS Command Injection

critical
9.8
First published (updated )
CVE-2020-9583

Magento MagentoMagento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4…

critical
9.8
First published (updated )
CVE-2020-9579

Magento MagentoMagento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4…

critical
9.8
First published (updated )
CVE-2020-9585

Magento Advanced NewsletterSQL Injection

critical
10
First published (updated )
CVE-2014-1634

Magento MagentoMagento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlie…

critical
10
First published (updated )
CVE-2020-3718

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Magento MagentoMagento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlie…

critical
10
First published (updated )
CVE-2020-3716

Magento MagentoOS Command Injection, Command Injection

critical
9
First published (updated )
CVE-2019-8159

Magento MagentoPRODSECBUG-2447: Using JS libraries with known security vulnerabilities

critical
9.8
First published (updated )
CVE-2019-8121

Magento MagentoPRODSECBUG-2390: Broken authentication and session managememt

critical
9.8
First published (updated )
CVE-2019-8149

Magento MagentoPRODSECBUG-2416: Using vulnerable component that provides abstraction of HTTP specification

critical
9.8
First published (updated )
CVE-2019-8136

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Magento MagentoPRODSECBUG-2272: XPath Injection via front end rendering functionality

critical
9.8
First published (updated )
CVE-2019-8158

Magento MagentoPRODSECBUG-2403: Remote code execution through crafted PageBuilder templates

critical
9.8
First published (updated )
CVE-2019-8144

Magento MagentoPRODSECBUG-2417: Remote code execution via vulnerable Symphony dependecy injection

critical
9.8
First published (updated )
CVE-2019-8135

composer/magento/community-editionMalicious File Upload

critical
9
First published (updated )
CVE-2019-7930

Magento MagentoXSS, CSRF, SQL Injection

critical
9.8
First published (updated )
CVE-2019-7139

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Magento MagentoInfoleak

critical
9.8
First published (updated )
CVE-2015-8707

Magento MagentoMagento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks an…

critical
9.8
First published (updated )
CVE-2016-4010

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203