Browse Security Advisories
Security Advisories for magento/project-community-edition Clear Filters
Critical
5 days ago
Magento Community Edition Improper Input Validation vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
about 1 month ago
Magento Cross-site Scripting vulnerability
packagist
magento/project-community-edition, magento/community-edition
Critical
7 months ago
Improper Authorization vulnerability in Magento and Adobe Commerce
packagist
magento/project-community-edition, magento/community-edition
Moderate
7 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
7 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
7 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
Low
7 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
7 months ago
Magento Business Logic Error vulnerability
packagist
magento/project-community-edition, magento/community-edition
Low
7 months ago
Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
7 months ago
Magento stored Cross-Site Scripting (XSS) vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
7 months ago
Magento stored Cross-Site Scripting (XSS) vulnerability
packagist
magento/project-community-edition, magento/community-edition
Low
7 months ago
Magento Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
7 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
7 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
7 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
7 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
7 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
7 months ago
Adobe Commerce Path Traversal
packagist
magento/project-community-edition, magento/community-edition
High
7 months ago
Adobe Commerce Improper Authorization vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
7 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
7 months ago
Magento Incorrect Authorization vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
7 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
7 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
7 months ago
Magento Improper Access Control vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
7 months ago
Magento Stored Cross-Site Scripting (XSS) Vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
7 months ago
Magento Information Exposure vulnerability
packagist
magento/project-community-edition, magento/community-edition
High
over 1 year ago
Magento Open Source allows Improper Input Validation
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 1 year ago
Magento Open Source allows Cross-Site Scripting (XSS)
packagist
magento/project-community-edition, magento/community-edition
High
over 1 year ago
Magento Open Source allows OS Command Injection
packagist
magento/project-community-edition, magento/community-edition
High
over 1 year ago
Magento Open Source allows Cross-Site Scripting (XSS)
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 1 year ago
Magento Open Source allows Cross-Site Request Forgery (CSRF)
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 1 year ago
Magento Open Source allows Uncontrolled Resource Consumption
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows SQL Injection
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows SQL Injection
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows Uncontrolled Resource Consumption
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows Server-Side Request Forgery (SSRF)
packagist
magento/project-community-edition, magento/community-edition
Low
almost 2 years ago
Magento Open Source allows Cross-Site Scripting (XSS)
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source has Improper Input Validation Vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows SQL Injection
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows Improper Authorization
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 2 years ago
Magento Open Source affected by Improper Input Validation
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Low
about 2 years ago
Magento Open Source allows XML Injection
packagist
magento/project-community-edition, magento/community-edition
High
about 2 years ago
Magento Open Source allows Improper Neutralization of Special Elements Used
packagist
magento/project-community-edition, magento/community-edition
Low
about 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows Server-Side Request Forgery (SSRF)
packagist
magento/project-community-edition, magento/community-edition
Low
about 2 years ago
Magento Open Source has Business Logic Errors Vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows Server-Side Request Forgery (SSRF)
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows Information Exposure
packagist
magento/project-community-edition, magento/community-edition
High
about 2 years ago
Magento Open Source allows Improper Neutralization of Special Elements Used
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source affected by Improper Input Validation
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 2 years ago
Magento Open Source allows XML Injection
packagist
magento/project-community-edition, magento/community-edition
Low
about 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Low
about 2 years ago
Magento Open Source affected by Improper Input Validation
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 2 years ago
Magento Open Source allows Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
High
over 2 years ago
Magento Open Source allows XML Injection
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 2 years ago
Magento Open Source allows Improper Access Control
packagist
magento/project-community-edition, magento/community-edition
Moderate
almost 3 years ago
Magento Open Source allows Improper Access Control
packagist
magento/project-community-edition, magento/community-edition
High
almost 3 years ago
Magento Open Source allows Stored Cross-Site Scripting (Stored XSS)
packagist
magento/project-community-edition, magento/community-edition
Moderate
about 3 years ago
Magento Open Source has Improper Access Control vulnerability
packagist
magento/community-edition, magento/project-community-edition
Moderate
over 3 years ago
Magento Open Source allows Cross-Site Request Forgery (CSRF)
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 3 years ago
Magento Improper Authorization vulnerability in the customers module
packagist
magento/project-community-edition, magento/community-edition
High
over 3 years ago
Magento Violation of Secure Design Principles vulnerability in RMA PDF filename formats
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 3 years ago
Magento DOM-based Cross-Site Scripting vulnerability on mage-messages cookies
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 3 years ago
Magento Path Traversal vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 3 years ago
Magento Improper input validation vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 3 years ago
Magento Insufficient Session Expiration
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 3 years ago
Magento stored cross-site scripting vulnerability in the admin console
packagist
magento/project-community-edition, magento/community-edition
High
over 3 years ago
Magento stored cross-site scripting (XSS) in the customer address upload feature
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 3 years ago
Magento Insecure Direct Object Reference (IDOR) in the product module
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 3 years ago
Magento Insufficient Session Expiration
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 3 years ago
Magento cross-site request forgery (CSRF) vulnerability via the GraphQL API
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 3 years ago
Magento improper authorization vulnerability in the integrations module
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 3 years ago
Magento Improper Access Control
packagist
magento/project-community-edition, magento/community-edition
Critical
over 3 years ago
Magento XPath Injection
packagist
magento/project-community-edition, magento/community-edition
Critical
over 3 years ago
Magento vulnerable to a file upload restriction bypass
packagist
magento/project-community-edition, magento/community-edition
Critical
over 3 years ago
Magento OS command injection via the WebAPI
packagist
magento/project-community-edition, magento/community-edition
Critical
over 3 years ago
Magento 2 Community Edition RCE via Unsafe File Upload
packagist
magento/project-community-edition, magento/community-edition
Low
over 3 years ago
Magento incorrect user permissions vulnerability within the Inventory component
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 3 years ago
Magento 2 Community Edition Incorrect Authorization
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 3 years ago
Magento incorrect permissions vulnerability in the Integrations component
packagist
magento/project-community-edition, magento/community-edition
Critical
over 3 years ago
Magento DOM-based Cross-site scripting vulnerability
packagist
magento/project-community-edition, magento/community-edition
Moderate
over 3 years ago
Magento path traversal vulnerability
packagist
magento/project-community-edition, magento/community-edition
Critical
over 3 years ago
Magento business logic error vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Critical
over 3 years ago
Magento security mitigation bypass vulnerability
packagist
magento/project-community-edition, magento/community-edition, magento/core
Critical
over 3 years ago
Magento security mitigation bypass vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Critical
over 3 years ago
Magento Defense-in-depth security mitigation vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Critical
over 3 years ago
Magento command injection vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
High
over 3 years ago
Magento Signature verification bypass
packagist
magento/project-community-edition, magento/core, magento/community-edition
Critical
over 3 years ago
Magento command injection vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
High
over 3 years ago
Magento authorization bypass vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Moderate
over 3 years ago
Magento Stored cross-site scripting
packagist
magento/project-community-edition, magento/core, magento/community-edition
Moderate
over 3 years ago
Magento stored cross-site scripting vulnerability
packagist
magento/project-community-edition, magento/community-edition, magento/core
Critical
over 3 years ago
Magento command injection vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Moderate
over 3 years ago
Magento stored cross-site scripting vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Critical
over 3 years ago
Magento Security mitigation bypass vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Critical
over 3 years ago
Magento command injection vulnerability
packagist
magento/project-community-edition, magento/core, magento/community-edition
Filter by Severity
Filter by Ecosystem
maven
6,869
packagist
5,422
pypi
4,942
npm
4,297
go
2,920
nuget
1,880
cargo
1,086
rubygems
927
actions
37
hex
37
swift
36
pub
10
Filter by Package
tensorflow
433
tensorflow-gpu
427
tensorflow-cpu
423
moodle/moodle
418
magento/community-edition
302
Microsoft.ChakraCore
247
org.jenkins-ci.main:jenkins-core
239
typo3/cms
190
com.liferay.portal:release.portal.bom
141
org.apache.tomcat:tomcat
136
com.liferay.portal:release.dxp.bom
125
github.com/mattermost/mattermost/server/v8
124
pimcore/pimcore
120
dolibarr/dolibarr
116
typo3/cms-core
114
Django
108
phpmyadmin/phpmyadmin
107
microweber/microweber
103
drupal/core
103
magento/project-community-edition
102
silverstripe/framework
92
apache-airflow
85
librenms/librenms
83
drupal/drupal
83
thorsten/phpmyfaq
73
Plone
72
com.fasterxml.jackson.core:jackson-databind
69
symfony/symfony
69
github.com/usememos/memos
68
concrete5/concrete5
67
salt
65
ansible
63
apache-superset
61
actionpack
61
shopware/platform
58
org.apache.struts:struts2-core
57
github.com/grafana/grafana
56
craftcms/cms
53
mlflow
53
org.keycloak:keycloak-core
50
github.com/hashicorp/vault
49
org.apache.tomcat.embed:tomcat-embed-core
48
mautic/core
48
nova
48
baserproject/basercms
47
django
46
nokogiri
46
shopware/core
46
github.com/mattermost/mattermost-server/v6
45
github.com/rancher/rancher
45
vyper
44
gradio
44
org.xwiki.platform:xwiki-platform-oldcore
43
rdiffweb
42
org.keycloak:keycloak-services
42
nilsteampassnet/teampass
42
matrix-synapse
42
k8s.io/kubernetes
42
showdoc/showdoc
41
plone
41
org.elasticsearch:elasticsearch
41
mantisbt/mantisbt
41
intelliants/subrion
40
froxlor/froxlor
40
directus
39
picklescan
39
github.com/mattermost/mattermost-server
38
com.thoughtworks.xstream:xstream
37
net.mingsoft:ms-mcms
36
com.jfinal:jfinal
36
snipe/snipe-it
36
moin
35
io.undertow:undertow-core
35
zendframework/zendframework1
34
org.jenkins-ci.plugins:script-security
34
github.com/answerdev/answer
34
parse-server
33
gogs.io/gogs
33
keystone
32
github.com/argoproj/argo-cd/v2
32
opencv-python
31
opencv-contrib-python
31
github.com/hashicorp/nomad
31
shopware/shopware
31
github.com/cilium/cilium
31
github.com/argoproj/argo-cd
31
github.com/docker/docker
31
getgrav/grav
30
github.com/hashicorp/consul
29
rack
29
Pillow
29
next
29
electron
29
contao/core-bundle
29
mediawiki/core
28
org.apache.solr:solr-core
28
pillow
28
prestashop/prestashop
27
centreon/centreon
27
org.opencms:opencms-core
27
openssl-src
26
org.springframework.security:spring-security-core
26
github.com/traefik/traefik/v2
25
vllm
25
org.eclipse.jetty:jetty-server
25
rubygems-update
25
open-webui
25
pocketmine/pocketmine-mp
25
surrealdb
24
magento/core
24
getkirby/cms
24
org.keycloak:keycloak-parent
24
phpoffice/phpexcel
23
org.bouncycastle:bcprov-jdk14
23
org.bouncycastle:bcprov-jdk15on
23
grumpydictator/firefly-iii
23
laravel/framework
23
zendframework/zendframework
23
simplesamlphp/simplesamlphp
23
puppet
23
org.apache.tomcat:tomcat-catalina
23
pyload-ng
23
remdex/livehelperchat
23
Microsoft.AspNetCore.App.Runtime.win-x64
22
DotNetNuke.Core
22
tribalsystems/zenario
22
phpoffice/phpspreadsheet
22
contao/contao
22
@openzeppelin/contracts-upgradeable
22
ckb
22
org.apache.openmeetings:openmeetings-parent
22
activerecord
22
Microsoft.AspNetCore.App.Runtime.win-x86
22
helm.sh/helm/v3
21
github.com/ethereum/go-ethereum
21
@openzeppelin/contracts
21
glance
21
Microsoft.AspNetCore.App.Runtime.win-arm
21
github.com/goharbor/harbor
21
org.apache.nifi:nifi
21
cockpit-hq/cockpit
20
code.gitea.io/gitea
20
aim
20
org.apache.tomcat:tomcat-coyote
20
org.cloudfoundry.identity:cloudfoundry-identity-server
20
wasmtime
20
funadmin/funadmin
20
golang.org/x/net
20
langchain
20
typo3/cms-backend
20
org.xwiki.platform:xwiki-platform-web-templates
20
ethyca-fides
20
Microsoft.AspNetCore.App.Runtime.linux-x64
19
Microsoft.AspNetCore.App.Runtime.linux-musl-x64
19
Microsoft.AspNetCore.App.Runtime.osx-x64
19
github.com/zitadel/zitadel
19
Microsoft.AspNetCore.App.Runtime.linux-arm
19
topthink/framework
19
neutron
19
deno
19
Microsoft.AspNetCore.App.Runtime.linux-arm64
19
Microsoft.AspNetCore.App.Runtime.win-arm64
19
mercurial
18
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64
18
genix/cms
18
forkcms/forkcms
18
cobbler
18
com.vaadin:vaadin-bom
18
flowise
18
org.apache.jspwiki:jspwiki-main
18
mindsdb
18
org.apache.inlong:manager-pojo
17
cryptography
17
ezsystems/ezpublish-kernel
17
yetiforce/yetiforce-crm
17
github.com/traefik/traefik/v3
17
calibreweb
17
cakephp/cakephp
17
francoisjacquet/rosariosis
17
opencart/opencart
17
org.springframework:spring-core
17
org.apache.geode:geode-core
17
symfony/security
17
github.com/openfga/openfga
17
notebook
17
OctoPrint
17
openmage/magento-lts
17
org.apache.activemq:activemq-client
16
Microsoft.NetCore.App.Runtime.win-x64
16
transformers
16
rusqlite
16
sequelize
16
Microsoft.NetCore.App.Runtime.win-arm64
16
tinymce
16
org.apache.dubbo:dubbo
16
Microsoft.NetCore.App.Runtime.win-x86
16
org.bouncycastle:bcprov-jdk15
16
Microsoft.NetCore.App.Runtime.win-arm
16
lollms
16
october/system
16