Vulnerabilities > Magento

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-29	CVE-2020-9692	Incorrect Authorization vulnerability in Magento Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a security mitigation bypass vulnerability. network magento CWE-863	8.5
2020-07-29	CVE-2020-9691	Cross-site Scripting vulnerability in Magento Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. network magento CWE-79 critical	9.3
2020-07-29	CVE-2020-9690	Information Exposure Through Discrepancy vulnerability in Magento Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have an observable timing discrepancy vulnerability. network magento CWE-203	3.5
2020-07-29	CVE-2020-9689	Path Traversal vulnerability in Magento Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a path traversal vulnerability. network magento CWE-22	8.5
2020-07-22	CVE-2020-9665	Cross-site Scripting vulnerability in Magento Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a stored cross-site scripting vulnerability. network magento CWE-79	4.3
2020-07-22	CVE-2020-9664	Code Injection vulnerability in Magento Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a php object injection vulnerability. network low complexity magento CWE-94	7.5
2020-06-26	CVE-2020-9632	Unspecified vulnerability in Magento Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. network low complexity magento critical	10.0
2020-06-26	CVE-2020-9631	Unspecified vulnerability in Magento Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. network low complexity magento critical	10.0
2020-06-26	CVE-2020-9630	Improper Privilege Management vulnerability in Magento Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a business logic error vulnerability. network low complexity magento CWE-269	7.5
2020-06-26	CVE-2020-9591	Information Exposure vulnerability in Magento Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. network low complexity magento CWE-200	5.0

Vulnerabilities > Magento {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Magento"}]}

Vulnerabilities > Magento