Lucene search
K

5 matches found

NVD
NVD
added 2026/03/13 7:54 p.m.4 views

CVE-2026-32349

Server-Side Request Forgery SSRF vulnerability in Andy Fragen Embed PDF Viewer embed-pdf-viewer allows Server Side Request Forgery.This issue affects Embed PDF Viewer: from n/a through = 2.4.7...

4.9CVSS0.00152EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.2 views

PT-2025-6371 · Adobe · Commerce

Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier Description: The issue is related to an Improper Access Control vulnerability that could result in privilege escalation. A low-privileged attacker could...

8.8CVSS6.8AI score0.00433EPSS
Exploits0References12
Github Security Blog
Github Security Blog
added 2024/08/14 12:35 p.m.5 views

Magento Improper Authorization leads to Security feature bypass

Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information...

4.3CVSS6.6AI score0.00442EPSS
Exploits0References3Affected Software2
Github Security Blog
Github Security Blog
added 2024/08/14 12:35 p.m.5 views

Magento Improper Authorization vulnerability

Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and modify minor information...

4.3CVSS6.4AI score0.00429EPSS
Exploits0References3Affected Software2
ATTACKERKB
ATTACKERKB
added 2021/12/20 12:15 p.m.3 views

CVE-2021-44224

A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint Server Side Request Forgery...

8.2CVSS7AI score0.82295EPSS
Exploits0References24Affected Software1
Rows per page
Query Builder