| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2021-36029 | Magento Commerce Improper Authorization Vulnerability Could Lead To Remote Code Execution | Adobe | Magento Commerce | Critical | 9.1 | 2021-09-01 14:29:55 | Deep Dive |
| CVE-2021-36026 | Magento Commerce Stored Cross-site Scripting Vulnerability | Adobe | Magento Commerce | Medium | 6.5 | 2021-09-01 14:29:48 | Deep Dive |
| CVE-2021-36032 | Magento Commerce Improper Input Validation Could Lead To Information Exposure and Privilege Escalation | Adobe | Magento Commerce | High | 8.3 | 2021-09-01 14:29:41 | Deep Dive |
| CVE-2021-36038 | Magento Commerce Multishipping Module Improper Input Validation Could Lead To Information Exposure | Adobe | Magento Commerce | Medium | 6.5 | 2021-09-01 14:29:34 | Deep Dive |
| CVE-2021-36028 | Magento Commerce XML Injection Vulnerability Could Lead To Remote Code Execution | Adobe | Magento Commerce | Critical | 9.1 | 2021-09-01 14:28:56 | Deep Dive |
| CVE-2021-36034 | Magento Commerce Improper Input Validation Could Lead To Remote Code Execution | Adobe | Magento Commerce | Critical | 9.1 | 2021-09-01 14:28:46 | Deep Dive |
| CVE-2021-36022 | Magento Commerce Widgets Update Layout XML Injection Vulnerability Could Lead To Remote Code Execution | Adobe | Magento Commerce | Critical | 9.1 | 2021-09-01 14:28:37 | Deep Dive |
| CVE-2021-36033 | Magento Commerce Widgets Module XML Injection Vulnerability Could Lead To Remote Code Execution | Adobe | Magento Commerce | Critical | 9.1 | 2021-09-01 14:28:31 | Deep Dive |
| CVE-2021-36037 | Magento Commerce Improper Authorization Vulnerability Could Lead To Information Exposure | Adobe | Magento Commerce | Medium | 6.5 | 2021-09-01 14:28:24 | Deep Dive |
| CVE-2021-36012 | Magento Commerce Gift Card Business Logic Error | Adobe | Magento Commerce | Medium | 6.5 | 2021-09-01 14:28:16 | Deep Dive |
| CVE-2021-32759 | Data Flow Sanitation Issue Fix | OpenMage | magento-lts | High | 7.2 | 2021-08-27 22:00:11 | Deep Dive |
| CVE-2021-32758 | Layout XML Arbitrary Code Fix | OpenMage | magento-lts | High | 7.2 | 2021-08-27 17:30:10 | Deep Dive |
| CVE-2021-28584 | Magento Commerce path traversal vulnerability in child theme store creation | Adobe | Magento Commerce | Medium | 5.4 | 2021-06-28 13:49:14 | Deep Dive |
| CVE-2021-28585 | Magento Commerce improper input validation in customer customer webapi | Adobe | Magento Commerce | Medium | 5.3 | 2021-06-28 13:47:54 | Deep Dive |
| CVE-2021-28583 | Magento Commerce insecure storage of sensitive documentation | Adobe | Magento Commerce | High | 7.5 | 2021-06-28 13:47:40 | Deep Dive |
| CVE-2021-28563 | Magento Commerce improper Authorization via the 'Create Customer' endpoint | Adobe | Magento Commerce | Medium | 6.5 | 2021-06-28 13:45:11 | Deep Dive |
| CVE-2021-28556 | Magento Commerce DOM-based cross-site scripting (XSS) could lead to arbitrary javascript execution | Adobe | Magento Commerce | Medium | 6.9 | 2021-06-28 13:42:13 | Deep Dive |
| CVE-2021-32684 | Missing Handler in @scandipwa/magento-scripts | scandipwa | create-magento-app | Medium | 6.2 | 2021-06-14 23:05:09 | Deep Dive |
| CVE-2021-21427 | Backport for CVE-2021-21024 Blind SQLi from Magento 2 | OpenMage | magento-lts | Critical | 9.1 | 2021-04-21 20:55:14 | Deep Dive |
| CVE-2021-21426 | Fixes a bug in Zend Framework's Stream HTTP Wrapper | OpenMage | magento-lts | Critical | 9.8 | 2021-04-21 20:15:18 | Deep Dive |