138 matches found
Denial of Service (DoS)
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Denial of Service DoS through excessive requests to the process. An attacker can cause the application to become unresponsive or unavailable by sending a large number of...
Denial of Service (DoS)
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Denial of Service DoS through the handling of system resources. An attacker can cause the application to become unresponsive by sending specially crafted requests that...
Incorrect Authorization
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Incorrect Authorization via the authorization process. An attacker can gain unauthorized write access by bypassing security measures. Remediation Upgrade...
Denial of Service (DoS)
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Denial of Service DoS through the handling of resource requests. An attacker can cause the application to become unresponsive by sending specially crafted requests that...
Denial of Service (DoS)
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Denial of Service DoS through the handling of system resources. An attacker can cause the application to become unresponsive by sending specially crafted requests that...
Improper Authorization
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Improper Authorization via improper authorization checks in the access control process. An attacker can gain unauthorized write access by tricking a user into visiting a...
Dependency on Vulnerable Third-Party Component
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Dependency on Vulnerable Third-Party Component due to the use of a vulnerable third-party component. An attacker can cause the application to crash by sending specially...
Incorrect Authorization
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Incorrect Authorization. Adobe Vulnerability Report:This vulnerability could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass...
Cross-site Scripting (XSS)
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS. Adobe Vulnerability Report:This vulnerability could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form field...
Cross-site Scripting (XSS)
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS. Adobe Vulnerability Report:This vulnerability could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields...
Incorrect Authorization
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Incorrect Authorization. Adobe Vulnerability Report:This vulnerability could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerabilit...
Improper Input Validation
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Improper Input Validation. Adobe Vulnerability Report:This vulnerability could lead to application denial-of-service. An attacker could exploit this vulnerability by...
Cross-site Scripting (XSS)
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS. Adobe Vulnerability Report:This vulnerability could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form field...
Server-side Request Forgery (SSRF)
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF. Adobe Vulnerability Report:This vulnerability could result in a Security feature bypass. A high-privileged attacker could exploit this...
Cross-site Scripting (XSS)
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS. Adobe Vulnerability Report:This vulnerability could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form field...
Directory Traversal
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Directory Traversal. Adobe Vulnerability Report: This vulnerability could result in a security feature bypass. A high-privileged attacker could leverage this vulnerability ...
Improper Input Validation
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Improper Input Validation. Adobe Vulnerability Report:This vulnerability could result in a security feature bypass, with limited impact to integrity. Exploitation of this...
Incorrect Authorization
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Incorrect Authorization. Adobe Vulnerability Report:This vulnerability could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass...
Incorrect Authorization
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Incorrect Authorization that enables a bypass of security features. Remediation Upgrade magento/community-edition to version 2.4.6-p14, 2.4.7-p9, 2.4.8-p4, 2.4.9-beta1 or...
EUVD-2015-3500
Malware in sbrugna...