Vulnerabilities > Magento > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-06 | CVE-2019-8155 | Cross-Site Request Forgery (CSRF) vulnerability in Magento Magento prior to 1.9.4.3 and prior to 1.14.4.3 included a user's CSRF token in the URL of a GET request. | 7.5 |
2019-11-06 | CVE-2019-8154 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Magento A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 8.8 |
2019-11-06 | CVE-2019-8151 | Server-Side Request Forgery (SSRF) vulnerability in Magento A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 7.2 |
2019-11-06 | CVE-2019-8150 | Unspecified vulnerability in Magento A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 8.8 |
2019-11-06 | CVE-2019-8141 | Deserialization of Untrusted Data vulnerability in Magento A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. | 7.2 |
2019-11-06 | CVE-2019-8137 | Unspecified vulnerability in Magento A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 8.8 |
2019-11-06 | CVE-2019-8134 | SQL Injection vulnerability in Magento A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 8.8 |
2019-11-06 | CVE-2019-8130 | SQL Injection vulnerability in Magento A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 8.8 |
2019-11-05 | CVE-2019-8127 | SQL Injection vulnerability in Magento A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. | 8.8 |
2019-11-05 | CVE-2019-8125 | Unspecified vulnerability in Magento A remote code execution vulnerability exists in Magento 1 prior to 1.9.x and 1.14.x. | 7.2 |