Adobe

Commerce

153 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2024-45122

  • EPSS 0.1%
  • Veröffentlicht 10.10.2024 10:15:05
  • Zuletzt bearbeitet 10.10.2024 21:35:53

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass...

6.1

CVE-2024-45123

  • EPSS 1.07%
  • Veröffentlicht 10.10.2024 10:15:05
  • Zuletzt bearbeitet 10.10.2024 21:34:32

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious Java...

5.3

CVE-2024-45124

  • EPSS 0.1%
  • Veröffentlicht 10.10.2024 10:15:05
  • Zuletzt bearbeitet 11.10.2024 22:05:43

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security meas...

4.3

CVE-2024-45125

  • EPSS 0.07%
  • Veröffentlicht 10.10.2024 10:15:05
  • Zuletzt bearbeitet 11.10.2024 22:05:54

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could exploit this vulnerability to have a ...

7.6

CVE-2024-45117

  • EPSS 0.22%
  • Veröffentlicht 10.10.2024 10:15:04
  • Zuletzt bearbeitet 10.10.2024 21:47:11

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to read files fro...

6.5

CVE-2024-45118

  • EPSS 0.09%
  • Veröffentlicht 10.10.2024 10:15:04
  • Zuletzt bearbeitet 10.10.2024 21:47:00

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass...

4.9

CVE-2024-45119

  • EPSS 0.3%
  • Veröffentlicht 10.10.2024 10:15:04
  • Zuletzt bearbeitet 12.12.2024 21:05:17

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. An admin-privilege authenticated attacker can force the ap...

3.1

CVE-2024-45120

  • EPSS 0.07%
  • Veröffentlicht 10.10.2024 10:15:04
  • Zuletzt bearbeitet 12.12.2024 21:02:27

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature bypass. An attacker could exploit this vulnerability t...

4.3

CVE-2024-45121

  • EPSS 0.09%
  • Veröffentlicht 10.10.2024 10:15:04
  • Zuletzt bearbeitet 10.10.2024 21:37:08

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass...

9.8

CVE-2024-45115

  • EPSS 0.64%
  • Veröffentlicht 10.10.2024 10:15:03
  • Zuletzt bearbeitet 10.10.2024 21:51:56

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gain unauthorized access o...