Browse Security Advisories
Security Advisories for magento/community-edition Clear Filters
Critical
about 2 months ago
Magneto contains stored XSS vulnerability
packagist
magento/community-edition
Moderate
4 months ago
Magento Improper Authorization vulnerability
packagist
magento/community-edition
Critical
6 months ago
Improper Authorization vulnerability in Magento and Adobe Commerce
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento stored Cross-Site Scripting (XSS) vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento Business Logic Error vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento stored Cross-Site Scripting (XSS) vulnerability
packagist
magento/project-community-edition, magento/community-edition
Low
6 months ago
Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
Low
6 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
Low
6 months ago
Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Adobe Commerce Path Traversal
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento Information Exposure vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento Incorrect Authorization vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Adobe Commerce Improper Authorization vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
6 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
6 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
10 months ago
Magento Open Source Improper Authorization vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source Information Exposure vulnerability
packagist
magento/community-edition
Low
10 months ago
Magento Open Source Improper Access Control vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source Improper Access Control vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source Improper Authorization vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source Information Exposure vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source Improper Input Validation vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source Improper Access Control vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source Cross-Site Scripting (XSS) vulnerability
packagist
magento/community-edition
High
10 months ago
Magento Open Source Improper Access Control vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source Server-Side Request Forgery (SSRF) vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source stored Cross-Site Scripting (XSS) vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source Improper Access Control vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source Improper Access Control vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source Improper Access Control vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source Improper Access Control vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source Improper Authorization vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source reflected Cross-Site Scripting (XSS) vulnerability
packagist
magento/community-edition
Moderate
10 months ago
Magento Open Source Incorrect Authorization vulnerability
packagist
magento/community-edition
Moderate
12 months ago
Magento Open Source Improper Authorization vulnerability
packagist
magento/community-edition
Moderate
12 months ago
Magento Open Source Cross-Site Request Forgery vulnerability
packagist
magento/community-edition
Moderate
12 months ago
Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability
packagist
magento/community-edition
Moderate
12 months ago
Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability
packagist
magento/community-edition
Moderate
12 months ago
Magento Open Source Path Traversal vulnerability
packagist
magento/community-edition
Moderate
about 1 year ago
Magento Open Source Server-Side Request Forgery (SSRF) vulnerability
packagist
magento/community-edition
Moderate
about 1 year ago
Magento Open Source Cross-Site Scripting (XSS) vulnerability
packagist
magento/community-edition
High
about 1 year ago
Magento Open Source Improper Authorization vulnerability
packagist
magento/community-edition
Critical
about 1 year ago
Magento Open Source Improper Authentication vulnerability
packagist
magento/community-edition
Moderate
about 1 year ago
Magento Open Source Improper Access Control vulnerability
packagist
magento/community-edition
Moderate
about 1 year ago
Magento Open Source Incorrect Authorization vulnerability
packagist
magento/community-edition
Critical
about 1 year ago
Magento Open Source affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability
packagist
magento/community-edition
Critical
about 1 year ago
Magento RCE,XSS and other vulnerabilities
packagist
magento/community-edition
Moderate
about 1 year ago
Magento Cross-Site Scripting (XSS) vulnerability
packagist
magento/community-edition
Critical
about 1 year ago
Magento remote code execution (RCE), Cross-Site Scripting (XSS) and other vulnerabilities
packagist
magento/community-edition
Critical
about 1 year ago
Magento Open Source Security Advisory: Patch SUPEE-10975
packagist
magento/community-edition
Critical
about 1 year ago
Magento Patch SUPEE-9652 - Remote Code Execution using mail vulnerability
packagist
magento/community-edition
Critical
about 1 year ago
Magento Security enhancements that help close RCE,XSS,CSRF and other vulnerabilities
packagist
magento/community-edition
Critical
about 1 year ago
Magento Patch SUPEE-10752 - Multiple security enhancements vulnerabilities
packagist
magento/community-edition
High
over 1 year ago
Magento Open Source allows Improper Input Validation
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 1 year ago
Magento Open Source allows Cross-Site Scripting (XSS)
packagist
magento/project-community-edition, magento/community-edition
High
over 1 year ago
Magento Open Source allows Cross-Site Scripting (XSS)
packagist
magento/project-community-edition, magento/community-edition
High
over 1 year ago
Magento Open Source allows OS Command Injection
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 1 year ago
Magento Open Source allows Cross-Site Request Forgery (CSRF)
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 1 year ago
Magento Open Source allows Uncontrolled Resource Consumption
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows SQL Injection
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows SQL Injection
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows Uncontrolled Resource Consumption
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows Improper Authorization
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows SQL Injection
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows Server-Side Request Forgery (SSRF)
packagist
magento/project-community-edition, magento/community-edition
Low
almost 2 years ago
Magento Open Source allows Cross-Site Scripting (XSS)
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source has Improper Input Validation Vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source affected by Improper Input Validation
packagist
magento/project-community-edition, magento/community-edition
Low
almost 2 years ago
Magento Open Source allows XML Injection
packagist
magento/project-community-edition, magento/community-edition
High
almost 2 years ago
Magento Open Source allows Improper Neutralization of Special Elements Used
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Low
about 2 years ago
Magento Open Source allows Cross-Site Scripting (XSS)
packagist
magento/community-edition
Low
about 2 years ago
Magento Open Source has Business Logic Errors Vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows Server-Side Request Forgery (SSRF)
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows Information Exposure
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source affected by Improper Input Validation
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows XML Injection
packagist
magento/project-community-edition, magento/community-edition
Low
about 2 years ago
Magento Open Source affected by Improper Input Validation
packagist
magento/project-community-edition, magento/community-edition
High
about 2 years ago
Magento Open Source allows Improper Neutralization of Special Elements Used
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows Server-Side Request Forgery (SSRF)
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Low
about 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Low
about 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
High
over 2 years ago
Magento Open Source allows XML Injection
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 2 years ago
Magento Open Source allows Improper Access Control
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Filter by Severity
Filter by Ecosystem
maven
6,662
packagist
5,356
pypi
4,833
npm
4,190
go
2,801
nuget
1,701
cargo
1,066
rubygems
918
hex
37
swift
35
actions
32
pub
10
Filter by Package
tensorflow
433
tensorflow-gpu
427
tensorflow-cpu
423
moodle/moodle
418
magento/community-edition
300
Microsoft.ChakraCore
247
org.jenkins-ci.main:jenkins-core
239
typo3/cms
190
org.apache.tomcat:tomcat
138
pimcore/pimcore
120
dolibarr/dolibarr
116
github.com/mattermost/mattermost/server/v8
115
typo3/cms-core
111
com.liferay.portal:release.portal.bom
110
phpmyadmin/phpmyadmin
107
Django
107
com.liferay.portal:release.dxp.bom
105
drupal/core
103
magento/project-community-edition
100
microweber/microweber
99
silverstripe/framework
92
apache-airflow
85
drupal/drupal
83
librenms/librenms
82
thorsten/phpmyfaq
73
Plone
72
symfony/symfony
69
com.fasterxml.jackson.core:jackson-databind
69
github.com/usememos/memos
66
concrete5/concrete5
65
salt
65
ansible
63
actionpack
61
apache-superset
57
org.apache.struts:struts2-core
57
shopware/platform
57
github.com/grafana/grafana
56
mlflow
53
craftcms/cms
51
org.keycloak:keycloak-core
50
nova
48
baserproject/basercms
47
nokogiri
46
django
46
org.apache.tomcat.embed:tomcat-embed-core
46
shopware/core
45
github.com/rancher/rancher
44
gradio
44
vyper
44
mautic/core
44
matrix-synapse
42
rdiffweb
42
nilsteampassnet/teampass
42
mantisbt/mantisbt
41
showdoc/showdoc
41
k8s.io/kubernetes
41
org.keycloak:keycloak-services
41
org.xwiki.platform:xwiki-platform-oldcore
41
org.elasticsearch:elasticsearch
41
plone
41
froxlor/froxlor
40
github.com/hashicorp/vault
40
github.com/mattermost/mattermost-server/v6
39
intelliants/subrion
39
directus
38
com.thoughtworks.xstream:xstream
37
snipe/snipe-it
36
net.mingsoft:ms-mcms
36
com.jfinal:jfinal
36
moin
35
github.com/answerdev/answer
34
org.jenkins-ci.plugins:script-security
34
io.undertow:undertow-core
34
zendframework/zendframework1
34
gogs.io/gogs
33
parse-server
33
keystone
32
github.com/argoproj/argo-cd/v2
31
github.com/docker/docker
31
opencv-python
31
opencv-contrib-python
31
github.com/hashicorp/nomad
31
Pillow
31
github.com/cilium/cilium
31
github.com/argoproj/argo-cd
31
shopware/shopware
30
getgrav/grav
30
github.com/hashicorp/consul
29
github.com/mattermost/mattermost-server
29
rack
29
mediawiki/core
28
org.apache.solr:solr-core
28
electron
28
org.opencms:opencms-core
27
centreon/centreon
27
pillow
26
prestashop/prestashop
26
next
26
org.springframework.security:spring-security-core
26
openssl-src
26
org.eclipse.jetty:jetty-server
25
rubygems-update
25
contao/core-bundle
25
open-webui
25
pocketmine/pocketmine-mp
24
getkirby/cms
24
github.com/traefik/traefik/v2
24
org.keycloak:keycloak-parent
24
magento/core
24
surrealdb
24
grumpydictator/firefly-iii
23
vllm
23
remdex/livehelperchat
23
simplesamlphp/simplesamlphp
23
puppet
23
laravel/framework
23
phpoffice/phpexcel
23
zendframework/zendframework
23
DotNetNuke.Core
22
org.bouncycastle:bcprov-jdk14
22
Microsoft.AspNetCore.App.Runtime.win-x64
22
Microsoft.AspNetCore.App.Runtime.win-x86
22
tribalsystems/zenario
22
@openzeppelin/contracts-upgradeable
22
ckb
22
org.apache.openmeetings:openmeetings-parent
22
Microsoft.AspNetCore.App.Runtime.win-arm
21
activerecord
21
org.apache.tomcat:tomcat-catalina
21
@openzeppelin/contracts
21
glance
21
github.com/goharbor/harbor
21
org.apache.nifi:nifi
21
github.com/ethereum/go-ethereum
21
phpoffice/phpspreadsheet
21
wasmtime
20
golang.org/x/net
20
org.cloudfoundry.identity:cloudfoundry-identity-server
20
code.gitea.io/gitea
20
langchain
20
cockpit-hq/cockpit
20
aim
20
funadmin/funadmin
20
deno
19
Microsoft.AspNetCore.App.Runtime.win-arm64
19
Microsoft.AspNetCore.App.Runtime.osx-x64
19
Microsoft.AspNetCore.App.Runtime.linux-x64
19
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
19
Microsoft.AspNetCore.App.Runtime.linux-arm64
19
Microsoft.AspNetCore.App.Runtime.linux-arm
19
org.apache.tomcat:tomcat-coyote
19
github.com/zitadel/zitadel
19
pyload-ng
19
org.xwiki.platform:xwiki-platform-web-templates
19
neutron
19
helm.sh/helm/v3
19
forkcms/forkcms
18
genix/cms
18
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
18
contao/contao
18
cobbler
18
mindsdb
18
topthink/framework
18
mercurial
18
com.vaadin:vaadin-bom
18
calibreweb
17
org.springframework:spring-core
17
francoisjacquet/rosariosis
17
openmage/magento-lts
17
opencart/opencart
17
org.apache.inlong:manager-pojo
17
cryptography
17
cakephp/cakephp
17
yetiforce/yetiforce-crm
17
OctoPrint
17
symfony/security
17
notebook
17
org.apache.geode:geode-core
17
ezsystems/ezpublish-kernel
17
typo3/cms-backend
17
ethyca-fides
16
org.apache.ranger:ranger
16
tinymce
16
org.bouncycastle:bcprov-jdk15
16
github.com/openfga/openfga
16
Microsoft.NetCore.App.Runtime.win-x86
16
org.apache.dubbo:dubbo
16
Microsoft.NetCore.App.Runtime.win-arm
16
phpbb/phpbb
16
Microsoft.NetCore.App.Runtime.win-x64
16
paddlepaddle
16
october/system
16
PaddlePaddle
16
Microsoft.NetCore.App.Runtime.win-arm64
16
sequelize
16
org.apache.jspwiki:jspwiki-main
16
org.apache.activemq:activemq-client
16
github.com/traefik/traefik/v3
16
rusqlite
16
lollms
16