📄 Magento Adobe Commerce 2.4.5-p7 Arbitrary File Read

Magento Adobe Commerce version 2.4.5-p7 suffers from an arbitrary file read vulnerability. ============================================================================================================================================= | Title : Magento Adobe Commerce 2.4.5-p7 arbitrary file read...

CVE-2025-54263 Adobe Commerce | Incorrect Authorization (CWE-863)

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Incorrect Authorization vulnerability. A low-privileged attacker could leverage this vulnerability to bypass security measures and maintain unauthorized access. Exploitation of...

EUVD-2015-8192

Malware in sbrugna...

EUVD-2015-7982

Malware in sbrugna...

EUVD-2015-7640

Malware in sbrugna...

EUVD-2015-2352

Malware in sbrugna...

EUVD-2015-2351

Malware in sbrugna...

EUVD-2024-53304

Malicious code in bioql PyPI...

Improper Input Validation

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Improper Input Validation. An attacker could cause the application to crash or become unresponsive by providing specially crafted input. Remediation Upgrade...

Malicious code in @zalastax/nolb-p7 (npm)

The package @zalastax/nolb-p7 was found to contain malicious code...

MAL-2025-12883 Malicious code in @zalastax/nolb-p7 (npm)

The package @zalastax/nolb-p7 was found to contain malicious code...

Path Traversal

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Path Traversal resulting in a security feature bypass. An attacker could leverage this vulnerability to modify limited data. Remediation Upgrade magento/community-edition t...

Cross-Site Request Forgery (CSRF)

Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Cross-Site Request Forgery CSRF. A high-privileged attacker could trick a victim into executing unintended actions on a web application where the victim is authenticated,...

CVE-2024-56656 bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix aggregation ID mask to prevent oops on 5760X chips The 5760X P7 chip's HW GRO/LRO interface is very similar to that of the previous generation 5750X or P5. However, the aggregation ID fields in the completion structur...

CVE-2024-50158

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix out of bound check Driver exports pacing stats only on GenP5 and P7 adapters. But while parsing the pacing stats, driver has a check for "rdev-dbrpacing". This caused a trace when KASAN is enabled. BUG: KASAN:...

CVE-2024-50158

Technical details about CVE-2024-50158 (affected software, impact, exploitability, and remediation) are not provided in the supplied documents. Please monitor for updates.

CVE-2024-50158 RDMA/bnxt_re: Fix out of bound check

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix out of bound check Driver exports pacing stats only on GenP5 and P7 adapters. But while parsing the pacing stats, driver has a check for "rdev-dbrpacing". This caused a trace when KASAN is enabled. BUG: KASAN:...

GHSA-J3MH-WX5F-2VHG Magento Open Source Information Exposure vulnerability

Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass. An admin attacker could leverage this vulnerability to have a low impact on confidentiality which may aid in furth...

GHSA-2QHQ-FW98-H6WG Magento Open Source Improper Access Control vulnerability

Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have a low impact o...

GHSA-3FR3-GCQH-3M2G Magento Open Source Improper Input Validation vulnerability

Magento Open Source versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker could exploit this vulnerability to read files from the system outside of the intended...