Vulnerabilities > Magento
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-29 | CVE-2020-9692 | Incorrect Authorization vulnerability in Magento Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a security mitigation bypass vulnerability. | 8.5 |
2020-07-29 | CVE-2020-9691 | Cross-site Scripting vulnerability in Magento Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. | 9.3 |
2020-07-29 | CVE-2020-9690 | Information Exposure Through Discrepancy vulnerability in Magento Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have an observable timing discrepancy vulnerability. | 3.5 |
2020-07-29 | CVE-2020-9689 | Path Traversal vulnerability in Magento Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a path traversal vulnerability. | 8.5 |
2020-07-22 | CVE-2020-9665 | Cross-site Scripting vulnerability in Magento Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a stored cross-site scripting vulnerability. | 4.3 |
2020-07-22 | CVE-2020-9664 | Code Injection vulnerability in Magento Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a php object injection vulnerability. | 7.5 |
2020-06-26 | CVE-2020-9632 | Unspecified vulnerability in Magento Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. | 10.0 |
2020-06-26 | CVE-2020-9631 | Unspecified vulnerability in Magento Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. | 10.0 |
2020-06-26 | CVE-2020-9630 | Improper Privilege Management vulnerability in Magento Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a business logic error vulnerability. | 7.5 |
2020-06-26 | CVE-2020-9591 | Information Exposure vulnerability in Magento Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. | 5.0 |