| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2021-21013 | Magento Commerce Insecure Direct Object Reference Could Lead To Information Disclosure | Adobe | Magento Commerce | High | 8.1 | 2021-01-13 22:35:54 | Deep Dive |
| CVE-2021-21012 | Magento Commerce Insecure Direct Object Reference Vulnerability Could Lead To Sensitive Information Disclosure | Adobe | Magento Commerce | 中危 | - | 2021-01-13 22:35:39 | Deep Dive |
| CVE-2020-24404 | Incorrect permissions in Integrations component could lead to unauthorized deletion of cmsPages via REST API | Adobe | Magento Commerce | Low | 2.7 | 2020-11-09 00:40:05 | Deep Dive |
| CVE-2020-24407 | Arbitrary code execution via file import functionality | Adobe | Magento Commerce | Critical | 9.1 | 2020-11-09 00:39:56 | Deep Dive |
| CVE-2020-24406 | Document root path disclosure on Maintenance page | Adobe | Magento Commerce | Low | 3.7 | 2020-11-09 00:39:49 | Deep Dive |
| CVE-2020-24405 | Incorrect permissions in Inventory module could lead to unauthorized modification of inventory stock data | Adobe | Magento Commerce | Medium | 4.3 | 2020-11-09 00:39:43 | Deep Dive |
| CVE-2020-24403 | Incorrect permissions could lead to unauthorized modification of inventory source data via REST API | Adobe | Magento Commerce | Low | 2.7 | 2020-11-09 00:39:38 | Deep Dive |
| CVE-2020-24401 | Incorrect permissions following the deletion of a user role or deactivation of a user | Adobe | Magento Commerce | Medium | 6.5 | 2020-11-09 00:39:30 | Deep Dive |
| CVE-2020-24402 | Incorrect permissions in the Integrations component could lead to unauthorized deletion of customer details via REST API | Adobe | Magento Commerce | Medium | 4.9 | 2020-11-09 00:39:15 | Deep Dive |
| CVE-2020-24400 | SQL injection allows arbitrary read from database | Adobe | Magento Commerce | High | 7.1 | 2020-11-09 00:39:02 | Deep Dive |
| CVE-2020-15244 | RCE in Magento | OpenMage | magento-lts | High | 8.0 | 2020-10-21 20:05:20 | Deep Dive |
| CVE-2020-24408 | Stored XSS in customer address upload feature | Adobe | Magento Commerce | Medium | 6.1 | 2020-10-16 14:03:11 | Deep Dive |
| CVE-2020-15151 | Observable Timing Discrepancy in OpenMage LTS | OpenMage | magento-lts | High | 8.0 | 2020-08-19 18:10:13 | Deep Dive |
| CVE-2020-9691 | Adobe Magento Commerce和Magento Open Source 跨站脚本漏洞 | Adobe | Magento | 超危 | - | 2020-07-29 12:20:52 | Deep Dive |
| CVE-2020-9692 | Adobe Magento Commerce和Magento Open Source 安全漏洞 | Adobe | Magento | 中危 | - | 2020-07-29 12:20:48 | Deep Dive |
| CVE-2020-9690 | Adobe Magento Commerce和Magento Open Source 安全漏洞 | Adobe | Magento | 中危 | - | 2020-07-29 12:20:42 | Deep Dive |
| CVE-2020-9689 | Adobe Magento Commerce和Magento Open Source 路径遍历漏洞 | Adobe | Magento | 中危 | - | 2020-07-29 12:20:36 | Deep Dive |
| CVE-2020-9664 | Adobe Magento Open Source和Magento Commerce 代码注入漏洞 | Adobe | Magento | 超危 | - | 2020-07-22 19:23:22 | Deep Dive |
| CVE-2020-9665 | Adobe Magento Open Source和Magento Commerce 跨站脚本漏洞 | Adobe | Magento | 中危 | - | 2020-07-22 19:23:12 | Deep Dive |
| CVE-2020-9577 | Adobe Magento 跨站脚本漏洞 | Adobe | Magento | 中危 | - | 2020-06-26 20:21:24 | Deep Dive |