| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-39401 | Adobe Commerce | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) | Adobe | Adobe Commerce | High | 8.4 | 2024-08-14 11:57:15 | Deep Dive |
| CVE-2024-39397 | Adobe Commerce | Unrestricted Upload of File with Dangerous Type (CWE-434) | Adobe | Adobe Commerce | Critical | 9.0 | 2024-08-14 11:57:14 | Deep Dive |
| CVE-2024-39411 | Adobe Commerce | Improper Authorization (CWE-285) | Adobe | Adobe Commerce | Medium | 4.3 | 2024-08-14 11:57:13 | Deep Dive |
| CVE-2024-39409 | Adobe Commerce | Cross-Site Request Forgery (CSRF) (CWE-352) | Adobe | Adobe Commerce | Medium | 4.3 | 2024-08-14 11:57:13 | Deep Dive |
| CVE-2024-39416 | Unauthorized user can export Orders Sale Report | Adobe | Adobe Commerce | Medium | 4.3 | 2024-08-14 11:57:12 | Deep Dive |
| CVE-2024-39414 | Being able to import/export tax rates without proper privileges | Adobe | Adobe Commerce | Medium | 4.3 | 2024-08-14 11:57:11 | Deep Dive |
| CVE-2024-39412 | Adobe Commerce | Improper Authorization (CWE-285) | Adobe | Adobe Commerce | Medium | 4.3 | 2024-08-14 11:57:10 | Deep Dive |
| CVE-2024-39406 | Adobe Commerce | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) | Adobe | Adobe Commerce | Medium | 6.8 | 2024-08-14 11:57:09 | Deep Dive |
| CVE-2024-39402 | Adobe Commerce | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78) | Adobe | Adobe Commerce | High | 8.4 | 2024-08-14 11:57:09 | Deep Dive |
| CVE-2024-39400 | DOM XSS through integrations can impact other admins | Adobe | Adobe Commerce | High | 8.1 | 2024-08-14 11:57:08 | Deep Dive |
| CVE-2024-39404 | A user without Shop Policy Parameters section privilege can alter the shop policy parameters section | Adobe | Adobe Commerce | Medium | 4.3 | 2024-08-14 11:57:07 | Deep Dive |
| CVE-2024-39415 | An unauthorized user can export the Tax Sales Report | Adobe | Adobe Commerce | Medium | 4.3 | 2024-08-14 11:57:06 | Deep Dive |
| CVE-2024-39405 | Adobe Commerce | Improper Authorization (CWE-285) | Adobe | Adobe Commerce | Medium | 4.3 | 2024-08-14 11:57:06 | Deep Dive |
| CVE-2024-41864 | Adobe Substance 3D Designer ICO Parsing Out-Of-Bounds Write Vulnerability | Adobe | Substance3D - Designer | High | 7.8 | 2024-08-14 08:24:17 | Deep Dive |
| CVE-2024-41862 | Adobe Substance 3D Sampler Memory Corruption Out-of-Bounds-READ Vulnerability II, when parsing PSD file | Adobe | Substance3D - Sampler | Medium | 5.5 | 2024-08-14 08:19:42 | Deep Dive |
| CVE-2024-41861 | Adobe Substance 3D Sampler Memory Corruption Out-of-Bounds-READ Vulnerability I, when parsing PSD file | Adobe | Substance3D - Sampler | Medium | 5.5 | 2024-08-14 08:19:41 | Deep Dive |
| CVE-2024-41863 | Adobe Substance 3D Sampler Memory Corruption Out-of-Bounds-READ Vulnerability III, when parsing DNG file | Adobe | Substance3D - Sampler | Medium | 5.5 | 2024-08-14 08:19:40 | Deep Dive |
| CVE-2024-41860 | Adobe Substance 3D Sampler Memory Corruption Vulnerability I, when parsing PSD file | Adobe | Substance3D - Sampler | Medium | 5.5 | 2024-08-14 08:19:40 | Deep Dive |
| CVE-2024-41858 | Adobe InCopy has an integer overflow vulnerability when parsing SVG file | Adobe | InCopy | High | 7.8 | 2024-08-14 08:14:22 | Deep Dive |
| CVE-2024-39392 | Adobe Indesign 2024 EPS File Parsing Heap Memory Corruption Remote Code Execution Vulnerability | Adobe | InDesign Desktop | High | 7.8 | 2024-08-02 06:47:09 | Deep Dive |