Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-0617

Malware in sbrugna...

8CVSS7.7AI score0.00931EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/02/05 2:53 p.m.12 views

CVE-2020-15151

OpenMage LTS before versions 19.4.6 and 20.0.2 allows attackers to circumvent the fromkey protection in the Admin Interface and increases the attack surface for Cross Site Request Forgery attacks. This issue is related to Adobe's CVE-2020-9690. It is patched in versions 19.4.6 and 20.0.2...

8CVSS6.5AI score0.01632EPSS
Exploits0
OSV
OSV
added 2024/03/06 11:8 a.m.20 views

BIT-MAGENTO-2020-15151 Observable Timing Discrepancy in OpenMage LTS

OpenMage LTS before versions 19.4.6 and 20.0.2 allows attackers to circumvent the fromkey protection in the Admin Interface and increases the attack surface for Cross Site Request Forgery attacks. This issue is related to Adobe's CVE-2020-9690. It is patched in versions 19.4.6 and 20.0.2...

8CVSS5.5AI score0.00931EPSS
Exploits0References4
NVD
NVD
added 2020/08/20 1:17 a.m.19 views

CVE-2020-15151

OpenMage LTS before versions 19.4.6 and 20.0.2 allows attackers to circumvent the fromkey protection in the Admin Interface and increases the attack surface for Cross Site Request Forgery attacks. This issue is related to Adobe's CVE-2020-9690. It is patched in versions 19.4.6 and 20.0.2...

8CVSS5.3AI score0.00931EPSS
Exploits0References3
Prion
Prion
added 2020/08/20 1:17 a.m.20 views

Cross site request forgery (csrf)

OpenMage LTS before versions 19.4.6 and 20.0.2 allows attackers to circumvent the fromkey protection in the Admin Interface and increases the attack surface for Cross Site Request Forgery attacks. This issue is related to Adobe's CVE-2020-9690. It is patched in versions 19.4.6 and 20.0.2...

4CVSS5.6AI score0.01632EPSS
Exploits0References3Affected Software2
CVE
CVE
added 2020/08/19 6:10 p.m.88 views

CVE-2020-15151

OpenMage LTS before 19.4.6 and 20.0.2 is affected by CVE-2020-15151, a timing-discrepancy/CSRF-related issue that lets attackers circumvent the fromkey protection in the Admin Interface, increasing CSRF surface. The underlying risk is an observable timing discrepancy that, if exploited, could byp...

8CVSS5.6AI score0.00931EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/08/19 6:2 p.m.28 views

GHSA-CRF2-XM6X-46P6 Observable Timing Discrepancy in OpenMage LTS

Impact This vulnerability allows to circumvent the formkey protection in the Admin Interface and increases the attack surface for Cross Site Request Forgery attacks Patches The latest OpenMage Versions up from 19.4.6 and 20.0.2 have this Issue solved References Related to Adobes CVE-2020-9690...

8CVSS5.6AI score0.00931EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2020/08/19 6:2 p.m.51 views

Observable Timing Discrepancy in OpenMage LTS

Impact This vulnerability allows to circumvent the formkey protection in the Admin Interface and increases the attack surface for Cross Site Request Forgery attacks Patches The latest OpenMage Versions up from 19.4.6 and 20.0.2 have this Issue solved References Related to Adobes CVE-2020-9690...

8CVSS2.5AI score0.00931EPSS
Exploits0References5Affected Software1
ThreatPost
ThreatPost
added 2020/07/29 9:22 p.m.236 views

Critical Magento Flaws Allow Code Execution

Critical flaws in Adobe’s Magento e-commerce platform – which is commonly targeted by attackers like the Magecart cybergang – could enable arbitrary code execution on affected systems. Magento is a popular, Adobe-owned open-source e-commerce platform that powers many online shops. Adobe on Tuesda...

8.5CVSS1.5AI score0.26869EPSS
Exploits1References11
OSV
OSV
added 2020/07/29 1:15 p.m.28 views

CVE-2020-9690

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass...

4.2CVSS6.5AI score
Exploits0References1
NVD
NVD
added 2020/07/29 1:15 p.m.27 views

CVE-2020-9690

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass...

4.2CVSS5.6AI score0.01632EPSS
Exploits0References1
CVE
CVE
added 2020/07/29 12:20 p.m.76 views

CVE-2020-9690

The CVE-2020-9690 observable timing discrepancy affects Magento/OpenMage LTS: OpenMage LTS before 19.4.6 and 20.0.2 allows bypass of fromkey protection in Admin Interface, increasing CSRF risk; patched in 19.4.6 and 20.0.2. Details are tied to Adobe’s CVE-2020-9690; exploitation status is not pro...

4.2CVSS5.4AI score0.01632EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder