Adobe

Commerce

147 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2024-39417

  • EPSS 0.12%
  • Veröffentlicht 14.08.2024 12:15:28
  • Zuletzt bearbeitet 14.08.2024 14:33:20

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass s...

4.3

CVE-2024-39410

  • EPSS 0.28%
  • Veröffentlicht 14.08.2024 12:15:27
  • Zuletzt bearbeitet 16.10.2024 13:34:52

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changes on behalf of a u...

4.3

CVE-2024-39411

  • EPSS 0.16%
  • Veröffentlicht 14.08.2024 12:15:27
  • Zuletzt bearbeitet 14.08.2024 14:40:55

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass s...

4.3

CVE-2024-39412

  • EPSS 0.15%
  • Veröffentlicht 14.08.2024 12:15:27
  • Zuletzt bearbeitet 16.10.2024 13:33:27

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass s...

4.3

CVE-2024-39413

  • EPSS 0.12%
  • Veröffentlicht 14.08.2024 12:15:27
  • Zuletzt bearbeitet 14.08.2024 14:39:39

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass s...

4.3

CVE-2024-39405

  • EPSS 0.17%
  • Veröffentlicht 14.08.2024 12:15:26
  • Zuletzt bearbeitet 14.08.2024 14:44:17

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass s...

6.8

CVE-2024-39406

  • EPSS 0.39%
  • Veröffentlicht 14.08.2024 12:15:26
  • Zuletzt bearbeitet 16.10.2024 13:37:57

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An admin attacke...

4.3

CVE-2024-39407

  • EPSS 0.17%
  • Veröffentlicht 14.08.2024 12:15:26
  • Zuletzt bearbeitet 14.08.2024 14:42:50

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass s...

4.3

CVE-2024-39408

  • EPSS 0.21%
  • Veröffentlicht 14.08.2024 12:15:26
  • Zuletzt bearbeitet 16.10.2024 13:36:13

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changeson behalf of a us...

4.3

CVE-2024-39409

  • EPSS 0.21%
  • Veröffentlicht 14.08.2024 12:15:26
  • Zuletzt bearbeitet 16.10.2024 13:35:32

Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could allow an attacker to bypass security features and perform minor integrity changes on behalf of a u...