Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-24447

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.00573EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/14 6:24 p.m.7 views

CVE-2025-49556

Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

7.5CVSS7.1AI score0.00573EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2025/08/12 6:31 p.m.5 views

Magento Cross-site Scripting vulnerability

Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be exploited by a low-privileged attacker to inject malicious scripts into vulnerable form fields. These scripts may be...

8.7CVSS5.6AI score0.00604EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2025/08/12 6:31 p.m.2 views

GHSA-7HRJ-3C9X-XV5H Magento has incorrect authorization issue that leads to arbitrary file system read

Magento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized...

7.5CVSS6.6AI score0.00573EPSS
Exploits0References3
OSV
OSV
added 2025/08/12 6:31 p.m.4 views

GHSA-XGFM-992V-H2HR Magento vulnerable to denial of service

Magento versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input, causing th...

7.5CVSS6.4AI score0.00541EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/12 5:55 p.m.7 views

CVE-2025-49554 Adobe Commerce | Improper Input Validation (CWE-20)

Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Input Validation vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability by providing specially crafted input,...

7.5CVSS0.00541EPSS
Exploits0References1
Rows per page
Query Builder