CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

161 matches found

The Hacker News•added 2026/03/11 12:26 p.m.•10 views

Dozens of Vendors Patch Security Flaws Across Enterprise Software and Network Devices

SAP has released security updates to address two critical security flaws that could be exploited to achieve arbitrary code execution on affected systems. The vulnerabilities in question listed below - CVE-2019-17571 CVSS score: 9.8 - A code injection vulnerability in SAP Quotation Management...

9.8CVSS7.6AI score0.28502EPSS

Exploits4

RedhatCVE•added 2026/01/07 9:37 a.m.•10 views

CVE-2019-7897

A stored cross-site scripting vulnerability exists in the admin panel of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited by an authenticated user with...

4.8CVSS5.6AI score0.00092EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:36 a.m.•5 views

CVE-2019-7899

Names of disabled downloadable products could be disclosed due to inadequate validation of user input in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2...

5.3CVSS6.7AI score0.00059EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:36 a.m.•8 views

CVE-2019-7945

A stored cross-cite scripting vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to modify currency symbols can inject...

5.4CVSS6AI score0.00086EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:36 a.m.•6 views

CVE-2019-7882

A stored cross-site scripting vulnerability exists in the WYSIWYG editor of Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to the editor can...

5.4CVSS5.8AI score0.00086EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:35 a.m.•4 views

CVE-2019-7932

A remote code execution vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create sitemaps can execute arbitrary P...

7.2CVSS7.9AI score0.00897EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:35 a.m.•8 views

CVE-2019-7911

A server-side request forgery SSRF vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an authenticated user with access to the admin pan...

7.2CVSS7.2AI score0.00329EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:33 a.m.•4 views

CVE-2019-7898

Samples of disabled downloadable products are accessible in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 due to inadequate validation of user input...

5.3CVSS6.7AI score0.00059EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:33 a.m.•4 views

CVE-2019-7889

An injection vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with marketing manipulation privileges can invoke methods that alter data o...

6.5CVSS6.8AI score0.00081EPSS

Exploits0References1