Vulnerabilities > Magento > Magento > 1.14.4.4

DATE CVE VULNERABILITY TITLE RISK
2020-06-26 CVE-2020-9632 Unspecified vulnerability in Magento
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability.
network
low complexity
magento
critical
 10.0
10
2020-06-26 CVE-2020-9631 Unspecified vulnerability in Magento
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability.
network
low complexity
magento
critical
 10.0
10
2020-06-26 CVE-2020-9630 Improper Privilege Management vulnerability in Magento
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a business logic error vulnerability.
network
low complexity
magento CWE-269
7.5
7.5
2020-06-26 CVE-2020-9591 Information Exposure vulnerability in Magento
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability.
network
low complexity
magento CWE-200
5.0
5.0
2020-06-26 CVE-2020-9588 Information Exposure Through Discrepancy vulnerability in Magento
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an observable timing discrepancy vulnerability.
network
low complexity
magento CWE-203
6.5
6.5
2020-06-26 CVE-2020-9587 Incorrect Authorization vulnerability in Magento
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability.
network
low complexity
magento CWE-863
5.0
5.0
2020-06-26 CVE-2020-9585 Unspecified vulnerability in Magento
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability.
network
low complexity
magento
7.5
7.5
2020-06-26 CVE-2020-9584 Cross-site Scripting vulnerability in Magento
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability.
network
magento CWE-79
3.5
3.5
2020-06-26 CVE-2020-9583 OS Command Injection vulnerability in Magento
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability.
network
low complexity
magento CWE-78
7.5
7.5
2020-06-26 CVE-2020-9582 OS Command Injection vulnerability in Magento
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability.
network
low complexity
magento CWE-78
7.5
7.5