Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2020
CVE-2020-9584
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
5.4
EPSS Score
0.002
Published
2020-06-26
CVE-2020-9585
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. Successful exploitation could lead to arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.056
Published
2020-06-26
CVE-2020-9587
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an authorization bypass vulnerability. Successful exploitation could lead to potentially unauthorized product discounts.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-06-26
CVE-2020-9588
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass.
CVSS Score
7.2
EPSS Score
0.009
Published
2020-06-26
CVE-2020-9591
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a defense-in-depth security mitigation vulnerability. Successful exploitation could lead to unauthorized access to admin panel.
CVSS Score
7.5
EPSS Score
0.01
Published
2020-06-26
CVE-2020-9625
Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVSS Score
7.5
EPSS Score
0.024
Published
2020-06-26
CVE-2020-9627
Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVSS Score
7.5
EPSS Score
0.018
Published
2020-06-26
CVE-2020-9628
Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVSS Score
7.5
EPSS Score
0.018
Published
2020-06-26
CVE-2020-9630
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a business logic error vulnerability. Successful exploitation could lead to privilege escalation.
CVSS Score
9.8
EPSS Score
0.008
Published
2020-06-26
CVE-2020-9631
Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution.
CVSS Score
9.8
EPSS Score
0.052
Published
2020-06-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved