501
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged a…
New
|
CWE-284
Improper Access Control
|
CVE-2024-45122
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
502
|
- |
|
-
|
-
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged a…
New
|
CWE-284
Improper Access Control
|
CVE-2024-45121
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
503
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to a security feature byp…
New
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2024-45120
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
504
|
5.5 |
MEDIUM
Network
|
-
|
-
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A low-pri…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-45119
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
505
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged a…
New
|
CWE-284
Improper Access Control
|
CVE-2024-45118
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
506
|
7.6 |
HIGH
Network
|
-
|
-
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An admin attacker…
New
|
CWE-20
Improper Input Validation
|
CVE-2024-45117
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
507
|
8.1 |
HIGH
Network
|
-
|
-
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code. If an admin a…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-45116
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
508
|
9.8 |
CRITICAL
Network
-
|
-
|
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could explo…
New
|
CWE-287
Improper Authentication
|
CVE-2024-45115
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
509
|
- |
|
-
|
-
|
Fortra's Robot Schedule Enterprise Agent prior to version 3.05 writes FTP username and password information to the agent log file when detailed logging is enabled.
New
|
-
|
CVE-2024-8264
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
510
|
- |
|
-
|
-
|
A cross-site scripting (XSS) vulnerability in LemonLDAP::NG before 2.19.3 allows remote attackers to inject arbitrary web script or HTML into the login page via a username if userControl has been set…
New
|
-
|
CVE-2024-48933
|
2024-10-10 21:51 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|