| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-29289 | Adobe Commerce XML Injection Security feature bypass | Adobe | Magento Commerce | Medium | 6.5 | 2023-06-15 00:00:00 | Deep Dive |
| CVE-2023-29290 | Adobe Commerce Guest Cart Shipping Address Overwrite IDOR | Adobe | Magento Commerce | Medium | 5.3 | 2023-06-15 00:00:00 | Deep Dive |
| CVE-2023-29291 | Server Side Request Forgery (SSRF) in USPS carrier integration configuration | Adobe | Magento Commerce | Medium | 4.9 | 2023-06-15 00:00:00 | Deep Dive |
| CVE-2023-29294 | Bypass Purchase Order Approval using Company User in Adobe Commerce B2B | Adobe | Magento Commerce | Medium | 4.3 | 2023-06-15 00:00:00 | Deep Dive |
| CVE-2023-29292 | Server Side Request Forgery (SSRF) in FedEx carrier integration configuration | Adobe | Magento Commerce | Medium | 4.9 | 2023-06-15 00:00:00 | Deep Dive |
| CVE-2023-29296 | [Cloud] Customer suspects IDOR vulnerability | Adobe | Magento Commerce | Medium | 4.3 | 2023-06-15 00:00:00 | Deep Dive |
| CVE-2023-29297 | Admin-to-admin stored XSS via cache poisoning | Adobe | Magento Commerce | Critical | 9.1 | 2023-06-15 00:00:00 | Deep Dive |
| CVE-2023-22247 | Adobe Commerce XML Injection Arbitrary file system read | Adobe | Magento Commerce | High | 7.5 | 2023-03-27 00:00:00 | Deep Dive |
| CVE-2023-22249 | Adobe Commerce Stored XSS Arbitrary code execution | Adobe | Magento Commerce | Medium | 4.8 | 2023-03-27 00:00:00 | Deep Dive |
| CVE-2023-22251 | Adobe Commerce Incorrect Authorization Security feature bypass | Adobe | Magento Commerce | Medium | 4.3 | 2023-03-27 00:00:00 | Deep Dive |
| CVE-2023-22250 | Adobe Commerce Improper Access Control Security feature bypass | Adobe | Magento Commerce | Medium | 5.3 | 2023-03-27 00:00:00 | Deep Dive |
| CVE-2023-23617 | OpenMage LTS has DoS vulnerability in MaliciousCode filter | OpenMage | magento-lts | Medium | 4.9 | 2023-01-27 23:24:33 | Deep Dive |
| CVE-2021-41231 | OpenMage LTS DataFlow upload remote code execution vulnerability | OpenMage | magento-lts | High | 7.2 | 2023-01-27 18:12:01 | Deep Dive |
| CVE-2021-41144 | OpenMage LTS authenticated remote code execution through layout update | OpenMage | magento-lts | High | 8.8 | 2023-01-27 18:08:42 | Deep Dive |
| CVE-2021-41143 | OpenMage LTS arbitrary file deletion in customer media allows for remote code execution | OpenMage | magento-lts | High | 7.2 | 2023-01-27 18:02:09 | Deep Dive |
| CVE-2021-39217 | OpenMage LTS arbitrary command execution in custom layout update through blocks | OpenMage | magento-lts | High | 7.2 | 2023-01-27 17:57:58 | Deep Dive |
| CVE-2021-21395 | Magneto-lts vulnerable to Cross-Site Request Forgery | OpenMage | magento-lts | Medium | 4.2 | 2023-01-27 15:03:32 | Deep Dive |
| CVE-2022-35689 | Adobe Commerce Improper Access Control Security feature bypass | Adobe | Magento Commerce | Medium | 5.3 | 2022-10-14 19:48:17 | Deep Dive |
| CVE-2022-35698📌 | Adobe Commerce Stored XSS Arbitrary code execution | Adobe | Magento Commerce | Critical | 10.0 | 2022-10-14 19:48:10 | Deep Dive |
| CVE-2022-35692 | Adobe Commerce Improper Access Control Security feature bypass | Adobe | Magento Commerce | Medium | 5.3 | 2022-08-19 22:49:22 | Deep Dive |