Vulnerabilities > Magento > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-26 | CVE-2020-9585 | Unspecified vulnerability in Magento Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. | 7.5 |
2020-06-26 | CVE-2020-9583 | OS Command Injection vulnerability in Magento Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. | 7.5 |
2020-06-26 | CVE-2020-9582 | OS Command Injection vulnerability in Magento Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. | 7.5 |
2020-06-26 | CVE-2020-9580 | Unspecified vulnerability in Magento Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. | 7.5 |
2020-06-26 | CVE-2020-9579 | Unspecified vulnerability in Magento Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. | 7.5 |
2020-06-26 | CVE-2020-9578 | OS Command Injection vulnerability in Magento Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. | 7.5 |
2020-06-26 | CVE-2020-9576 | OS Command Injection vulnerability in Magento Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a command injection vulnerability. | 7.5 |
2020-01-29 | CVE-2020-3719 | SQL Injection vulnerability in Magento Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have an sql injection vulnerability. | 7.8 |
2019-11-06 | CVE-2019-8158 | XML Injection (aka Blind XPath Injection) vulnerability in Magento An XPath entity injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 7.5 |
2019-11-06 | CVE-2019-8149 | Insufficient Session Expiration vulnerability in Magento Insecure authentication and session management vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 7.5 |