Browse Security Advisories
Security Advisories for magento/project-community-edition in packagist Clear Filters
Critical
6 months ago
Improper Authorization vulnerability in Magento and Adobe Commerce
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento stored Cross-Site Scripting (XSS) vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento Business Logic Error vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
Low
6 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
Low
6 months ago
Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento stored Cross-Site Scripting (XSS) vulnerability
packagist
magento/project-community-edition, magento/community-edition
Low
6 months ago
Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento Information Exposure vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento Incorrect Authorization vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Adobe Commerce Improper Authorization vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Adobe Commerce Path Traversal
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
over 1 year ago
Magento Open Source allows Improper Input Validation
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 1 year ago
Magento Open Source allows Cross-Site Scripting (XSS)
packagist
magento/project-community-edition, magento/community-edition
High
over 1 year ago
Magento Open Source allows OS Command Injection
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 1 year ago
Magento Open Source allows Uncontrolled Resource Consumption
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 1 year ago
Magento Open Source allows Cross-Site Request Forgery (CSRF)
packagist
magento/project-community-edition, magento/community-edition
High
over 1 year ago
Magento Open Source allows Cross-Site Scripting (XSS)
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows SQL Injection
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows Uncontrolled Resource Consumption
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows SQL Injection
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source has Improper Input Validation Vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows Server-Side Request Forgery (SSRF)
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows SQL Injection
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows Improper Authorization
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Low
almost 2 years ago
Magento Open Source allows Cross-Site Scripting (XSS)
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source affected by Improper Input Validation
packagist
magento/project-community-edition, magento/community-edition
High
almost 2 years ago
Magento Open Source allows Improper Neutralization of Special Elements Used
packagist
magento/project-community-edition, magento/community-edition
Low
almost 2 years ago
Magento Open Source allows XML Injection
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Low
about 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Low
about 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
High
about 2 years ago
Magento Open Source allows Improper Neutralization of Special Elements Used
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source affected by Improper Input Validation
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Low
about 2 years ago
Magento Open Source has Business Logic Errors Vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows XML Injection
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows Server-Side Request Forgery (SSRF)
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows Information Exposure
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows Server-Side Request Forgery (SSRF)
packagist
magento/project-community-edition, magento/community-edition
Low
about 2 years ago
Magento Open Source affected by Improper Input Validation
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 2 years ago
Magento Open Source allows Improper Access Control
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
High
over 2 years ago
Magento Open Source allows XML Injection
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 3 years ago
Magento Open Source allows Improper Access Control
packagist
magento/project-community-edition, magento/community-edition
High
almost 3 years ago
Magento Open Source allows Stored Cross-Site Scripting (Stored XSS)
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 3 years ago
Magento Open Source has Improper Access Control vulnerability
packagist
magento/community-edition, magento/project-community-edition
Moderate
about 3 years ago
Magento Open Source allows Cross-Site Request Forgery (CSRF)
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento Improper Authorization vulnerability in the customers module
packagist
magento/project-community-edition, magento/community-edition
High
about 3 years ago
Magento Violation of Secure Design Principles vulnerability in RMA PDF filename formats
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento DOM-based Cross-Site Scripting vulnerability on mage-messages cookies
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento Improper input validation vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento Path Traversal vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento Insufficient Session Expiration
packagist
magento/project-community-edition, magento/community-edition
High
about 3 years ago
Magento stored cross-site scripting (XSS) in the customer address upload feature
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento Insecure Direct Object Reference (IDOR) in the product module
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento Insufficient Session Expiration
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento improper authorization vulnerability in the integrations module
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento stored cross-site scripting vulnerability in the admin console
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento cross-site request forgery (CSRF) vulnerability via the GraphQL API
packagist
magento/project-community-edition, magento/community-edition
Critical
about 3 years ago
Magento vulnerable to a file upload restriction bypass
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento Improper Access Control
packagist
magento/project-community-edition, magento/community-edition
Critical
about 3 years ago
Magento XPath Injection
packagist
magento/project-community-edition, magento/community-edition
Critical
about 3 years ago
Magento OS command injection via the WebAPI
packagist
magento/project-community-edition, magento/community-edition
Critical
about 3 years ago
Magento 2 Community Edition RCE via Unsafe File Upload
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento 2 Community Edition Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento incorrect permissions vulnerability in the Integrations component
packagist
magento/project-community-edition, magento/community-edition
Low
about 3 years ago
Magento incorrect user permissions vulnerability within the Inventory component
packagist
magento/project-community-edition, magento/community-edition
Critical
about 3 years ago
Magento DOM-based Cross-site scripting vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento path traversal vulnerability
packagist
magento/project-community-edition, magento/community-edition
Critical
about 3 years ago
Magento security mitigation bypass vulnerability
packagist
magento/project-community-edition, magento/community-edition, magento/core
Critical
about 3 years ago
Magento business logic error vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Critical
about 3 years ago
Magento security mitigation bypass vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Critical
about 3 years ago
Magento command injection vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
High
about 3 years ago
Magento Signature verification bypass
packagist
magento/project-community-edition, magento/core, magento/community-edition
High
about 3 years ago
Magento authorization bypass vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Critical
about 3 years ago
Magento Defense-in-depth security mitigation vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Critical
about 3 years ago
Magento command injection vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Moderate
about 3 years ago
Magento Stored cross-site scripting
packagist
magento/project-community-edition, magento/core, magento/community-edition
Moderate
about 3 years ago
Magento stored cross-site scripting vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Critical
about 3 years ago
Magento command injection vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Critical
about 3 years ago
Magento command injection vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Critical
about 3 years ago
Magento Security mitigation bypass vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Moderate
about 3 years ago
Magento stored cross-site scripting vulnerability
packagist
magento/project-community-edition, magento/community-edition, magento/core
High
about 3 years ago
Magento 2 Community Edition RCE Vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
over 5 years ago
Unauthenticated crypto and weak IV in Magento\Framework\Encryption
packagist
magento/project-community-edition, magento/community-edition
Filter by Severity
Filter by Ecosystem
maven
6,662
packagist
5,356
pypi
4,833
npm
4,190
go
2,801
nuget
1,701
cargo
1,066
rubygems
918
hex
37
swift
35
actions
32
pub
10
Filter by Package
moodle/moodle
418
magento/community-edition
300
typo3/cms
190
pimcore/pimcore
120
dolibarr/dolibarr
116
typo3/cms-core
111
phpmyadmin/phpmyadmin
107
drupal/core
103
magento/project-community-edition
100
microweber/microweber
99
silverstripe/framework
92
drupal/drupal
83
librenms/librenms
82
thorsten/phpmyfaq
73
symfony/symfony
69
concrete5/concrete5
65
shopware/platform
57
craftcms/cms
51
baserproject/basercms
47
shopware/core
45
mautic/core
44
nilsteampassnet/teampass
42
mantisbt/mantisbt
41
showdoc/showdoc
41
froxlor/froxlor
40
intelliants/subrion
39
snipe/snipe-it
36
zendframework/zendframework1
34
getgrav/grav
30
shopware/shopware
30
mediawiki/core
28
centreon/centreon
27
prestashop/prestashop
26
contao/core-bundle
25
magento/core
24
pocketmine/pocketmine-mp
24
getkirby/cms
24
laravel/framework
23
simplesamlphp/simplesamlphp
23
zendframework/zendframework
23
remdex/livehelperchat
23
grumpydictator/firefly-iii
23
phpoffice/phpexcel
23
tribalsystems/zenario
22
phpoffice/phpspreadsheet
21
funadmin/funadmin
20
cockpit-hq/cockpit
20
forkcms/forkcms
18
contao/contao
18
topthink/framework
18
genix/cms
18
cakephp/cakephp
17
symfony/security
17
francoisjacquet/rosariosis
17
opencart/opencart
17
openmage/magento-lts
17
ezsystems/ezpublish-kernel
17
yetiforce/yetiforce-crm
17
typo3/cms-backend
17
october/system
16
phpbb/phpbb
16
silverstripe/cms
15
smarty/smarty
15
ec-cube/ec-cube
15
pimcore/admin-ui-classic-bundle
15
symfony/security-http
15
bolt/bolt
15
phpmailer/phpmailer
14
modx/revolution
14
codeigniter4/framework
14
dompdf/dompdf
14
feehi/cms
14
yeswiki/yeswiki
13
elefant/cms
13
sylius/sylius
13
lavalite/cms
13
studio-42/elfinder
13
impresscms/impresscms
13
phpmyfaq/phpmyfaq
13
admidio/admidio
13
wallabag/wallabag
12
symfony/http-foundation
12
wwbn/avideo
12
alextselegidis/easyappointments
12
pagekit/pagekit
11
sulu/sulu
11
october/october
11
leantime/leantime
11
ezsystems/ezplatform-kernel
11
feehi/feehicms
11
tinymce/tinymce
11
TinyMCE
11
nukeviet/nukeviet
11
tinymce
11
yiisoft/yii2
11
spatie/browsershot
10
ezsystems/ezpublish-legacy
10
ssddanbrown/bookstack
10
kevinpapst/kimai2
9
twig/twig
9
twbs/bootstrap
9
org.webjars:bootstrap
9
croogo/croogo
9
concrete5/core
9
pimcore/customer-management-framework-bundle
9
bootstrap
9
pterodactyl/panel
9
statamic/cms
9
billz/raspap-webgui
9
in2code/femanager
9
bootstrap
9
contao/core
9
in2code/powermail
9
ezsystems/ezplatform-admin-ui
9
bootstrap
9
silverstripe/graphql
8
joomla/joomla-cms
8
october/cms
8
facturascripts/facturascripts
8
starcitizentools/citizen-skin
8
directmailteam/direct-mail
8
codiad/codiad
8
silverstripe/admin
8
tecnickcom/tcpdf
8
flarum/core
8
composer/composer
8
gilacms/gila
8
simplesamlphp/saml2
7
symfony/http-kernel
7
yiisoft/yii2-dev
7
wpglobus/wpglobus
7
backdrop/backdrop
7
shopxo/shopxo
7
passbolt/passbolt_api
7
october/backend
7
bootstrap-sass
7
redaxo/source
7
bootstrap.sass
7
typo3/cms-install
6
oro/platform
6
dweeves/magmi
6
guzzlehttp/guzzle
6
icecoder/icecoder
6
zoujingli/thinkadmin
6
bagisto/bagisto
6
phpseclib/phpseclib
6
vrana/adminer
6
drupal/core-recommended
6
pear/archive_tar
6
bootstrap-sass
6
yourls/yourls
6
nystudio107/craft-seomatic
6
gleez/cms
6
api-platform/core
6
phpxmlrpc/phpxmlrpc
5
kimai/kimai
5
typo3/flow
5
limesurvey/limesurvey
5
elgg/elgg
5
bottelet/flarepoint
5
illuminate/database
5
anchorcms/anchor-cms
5
cachethq/cachet
5
getformwork/formwork
5
phpservermon/phpservermon
5
symfony/security-core
5
neos/neos
5
neos/flow
5
adodb/adodb-php
5
woocommerce/woocommerce
5
ibexa/admin-ui
5
juzaweb/cms
5
thinkcmf/thinkcmf
5
symfony/security-bundle
5
silverstripe/assets
5
tcg/voyager
5
gugoan/economizzer
5
ibexa/core
5
mautic/core-lib
5
drupal/ai
4
bref/bref
4
froala/wysiwyg-editor
4
shopware/storefront
4
automad/automad
4
processwire/processwire
4
typo3/cms-form
4
yiisoft/yii
4
pyrocms/pyrocms
4
bytefury/crater
4
codeigniter4/shield
4
league/commonmark
4
ezyang/htmlpurifier
4
codeigniter/framework
4
ckeditor4
4
oro/commerce
4
friendsofsymfony/user-bundle
4
reportico-web/reportico
4
appwrite/server-ce
4
elmsln/haxcms
4
zendframework/zendopenid
4