Vulnerabilities > Magento
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-05 | CVE-2019-8126 | XML Entity Expansion vulnerability in Magento An XML entity injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 4.0 |
2019-11-05 | CVE-2019-8125 | Unspecified vulnerability in Magento A remote code execution vulnerability exists in Magento 1 prior to 1.9.x and 1.14.x. | 6.5 |
2019-11-05 | CVE-2019-8124 | Insufficient Verification of Data Authenticity vulnerability in Magento An insufficient logging and monitoring vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. | 4.0 |
2019-11-05 | CVE-2019-8123 | Unspecified vulnerability in Magento An insufficient logging and monitoring vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3, Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. | 5.0 |
2019-11-05 | CVE-2019-8122 | Unspecified vulnerability in Magento A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. | 6.5 |
2019-11-05 | CVE-2019-8121 | Unspecified vulnerability in Magento An insecure component vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. | 7.5 |
2019-11-05 | CVE-2019-8120 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting (XSS) vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. | 3.5 |
2019-11-05 | CVE-2019-8119 | Unspecified vulnerability in Magento A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. | 6.5 |
2019-11-05 | CVE-2019-8118 | Cleartext Storage of Sensitive Information vulnerability in Magento Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 uses weak cryptographic function to store the failed login attempts for customer accounts. | 5.0 |
2019-11-05 | CVE-2019-8117 | Cross-site Scripting vulnerability in Magento A stored cross-site scripting (XSS) vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 3.5 |