Total
222 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-9689 | 1 Magento | 1 Magento | 2020-07-30 | 8.5 HIGH | 6.5 MEDIUM |
| Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a path traversal vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-9690 | 1 Magento | 1 Magento | 2020-07-30 | 3.5 LOW | 4.2 MEDIUM |
| Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass. | |||||
| CVE-2020-9691 | 1 Magento | 1 Magento | 2020-07-29 | 9.3 HIGH | 9.6 CRITICAL |
| Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2014-9758 | 1 Magento | 1 Magento | 2020-07-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Magento E-Commerce Platform 1.9.0.1. | |||||
| CVE-2020-9665 | 1 Magento | 1 Magento | 2020-07-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2020-9632 | 1 Magento | 1 Magento | 2020-07-02 | 10.0 HIGH | 9.8 CRITICAL |
| Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-9588 | 1 Magento | 1 Magento | 2020-07-01 | 6.5 MEDIUM | 7.2 HIGH |
| Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass. | |||||
| CVE-2020-9581 | 1 Magento | 1 Magento | 2020-07-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2020-9580 | 1 Magento | 1 Magento | 2020-07-01 | 7.5 HIGH | 9.8 CRITICAL |
| Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-9579 | 1 Magento | 1 Magento | 2020-07-01 | 7.5 HIGH | 9.8 CRITICAL |
| Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-9577 | 1 Magento | 1 Magento | 2020-07-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure . | |||||
| CVE-2020-9631 | 1 Magento | 1 Magento | 2020-07-01 | 10.0 HIGH | 9.8 CRITICAL |
| Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-9585 | 1 Magento | 1 Magento | 2020-07-01 | 7.5 HIGH | 9.8 CRITICAL |
| Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-9584 | 1 Magento | 1 Magento | 2020-06-30 | 3.5 LOW | 5.4 MEDIUM |
| Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2020-3715 | 1 Magento | 1 Magento | 2020-01-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2020-3716 | 1 Magento | 1 Magento | 2020-01-30 | 10.0 HIGH | 9.8 CRITICAL |
| Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3717 | 1 Magento | 1 Magento | 2020-01-30 | 5.0 MEDIUM | 5.3 MEDIUM |
| Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a path traversal vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2020-3718 | 1 Magento | 1 Magento | 2020-01-30 | 10.0 HIGH | 9.8 CRITICAL |
| Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3719 | 1 Magento | 1 Magento | 2020-01-30 | 7.8 HIGH | 7.5 HIGH |
| Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have an sql injection vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2020-3758 | 1 Magento | 1 Magento | 2020-01-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||