CVE-2021-40699
- EPSS 0.49%
- Veröffentlicht 07.09.2023 13:15:07
- Zuletzt bearbeitet 21.11.2024 06:24:35
ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an improper access control vulnerability when checking permissions in the CFIDE path. An authenticated attacker could leverage this vulnerability to acc...
CVE-2023-38203
- EPSS 97%
- Veröffentlicht 20.07.2023 16:15:12
- Zuletzt bearbeitet 23.10.2025 11:13:14
Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier) and 2023u1 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not requir...
CVE-2023-29298
- EPSS 99.75%
- Veröffentlicht 12.07.2023 16:15:11
- Zuletzt bearbeitet 23.10.2025 11:11:19
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerabi...
CVE-2023-29300
- EPSS 99.98%
- Veröffentlicht 12.07.2023 16:15:11
- Zuletzt bearbeitet 23.10.2025 11:13:06
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does n...
CVE-2023-29301
- EPSS 29.1%
- Veröffentlicht 12.07.2023 16:15:11
- Zuletzt bearbeitet 21.11.2024 07:56:49
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a Security feature bypass. An atta...
CVE-2023-26359
- EPSS 17.94%
- Veröffentlicht 23.03.2023 20:15:15
- Zuletzt bearbeitet 23.10.2025 11:12:54
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of...
CVE-2023-26360
- EPSS 97.34%
- Veröffentlicht 23.03.2023 20:15:15
- Zuletzt bearbeitet 23.10.2025 11:12:47
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this iss...
CVE-2023-26361
- EPSS 62.34%
- Veröffentlicht 23.03.2023 20:15:15
- Zuletzt bearbeitet 21.11.2024 07:51:12
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in Arbitrary file system read. Ex...
CVE-2022-42340
- EPSS 33.84%
- Veröffentlicht 14.10.2022 20:15:17
- Zuletzt bearbeitet 21.11.2024 07:24:47
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary file system read. Exploitation of this issue does not require user interaction.
CVE-2022-42341
- EPSS 35.53%
- Veröffentlicht 14.10.2022 20:15:17
- Zuletzt bearbeitet 21.11.2024 07:24:47
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary file system read. Exploitation of this issue do...