Adobe

Magento

121 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2024-45130

  • EPSS 0.12%
  • Published 10.10.2024 10:15:06
  • Last modified 11.10.2024 22:08:57

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass...

5.4

CVE-2024-45131

  • EPSS 0.11%
  • Published 10.10.2024 10:15:06
  • Last modified 14.10.2024 11:15:11

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass ...

4.3

CVE-2024-45122

  • EPSS 0.12%
  • Published 10.10.2024 10:15:05
  • Last modified 10.10.2024 21:35:53

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass...

6.1

CVE-2024-45123

  • EPSS 0.42%
  • Published 10.10.2024 10:15:05
  • Last modified 10.10.2024 21:34:32

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious Java...

5.3

CVE-2024-45124

  • EPSS 0.19%
  • Published 10.10.2024 10:15:05
  • Last modified 11.10.2024 22:05:43

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security meas...

4.3

CVE-2024-45125

  • EPSS 0.1%
  • Published 10.10.2024 10:15:05
  • Last modified 11.10.2024 22:05:54

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to have a ...

7.6

CVE-2024-45117

  • EPSS 0.64%
  • Published 10.10.2024 10:15:04
  • Last modified 10.10.2024 21:47:11

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to read files fro...

6.5

CVE-2024-45118

  • EPSS 0.13%
  • Published 10.10.2024 10:15:04
  • Last modified 10.10.2024 21:47:00

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass...

4.9

CVE-2024-45119

  • EPSS 0.21%
  • Published 10.10.2024 10:15:04
  • Last modified 12.12.2024 21:05:17

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the ap...

3.1

CVE-2024-45120

  • EPSS 0.2%
  • Published 10.10.2024 10:15:04
  • Last modified 12.12.2024 21:02:27

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature bypass. An attacker could exploit this vulnerability t...