Adobe

Coldfusion

201 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2019-7838

  • EPSS 30.35%
  • Veröffentlicht 12.06.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:48:50

ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a file extension blacklist bypass vulnerability. Successful exploitation could lead to arbitrary code execution.

10

CVE-2019-7839

  • EPSS 46.37%
  • Veröffentlicht 12.06.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:48:50

ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.

10

CVE-2019-7840

  • EPSS 49.53%
  • Veröffentlicht 12.06.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:48:50

ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.

10

CVE-2019-7091

  • EPSS 63.07%
  • Veröffentlicht 24.05.2019 19:29:02
  • Zuletzt bearbeitet 21.11.2024 04:47:32

ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.

6.1

CVE-2019-7092

  • EPSS 1.22%
  • Veröffentlicht 24.05.2019 19:29:02
  • Zuletzt bearbeitet 21.11.2024 04:47:32

ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a cross site scripting vulnerability. Successful exploitation could lead to information disclosure .

10

CVE-2019-7816

  • EPSS 4.82%
  • Veröffentlicht 24.05.2019 18:29:01
  • Zuletzt bearbeitet 21.11.2024 04:48:47

ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier have a file upload restriction bypass vulnerability. Successful exploitation could lead to arbitrary code execution.

10

CVE-2018-15965

  • EPSS 39.98%
  • Veröffentlicht 25.09.2018 13:29:02
  • Zuletzt bearbeitet 06.05.2025 15:15:54

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.

10

CVE-2018-15957

  • EPSS 60.49%
  • Veröffentlicht 25.09.2018 13:29:01
  • Zuletzt bearbeitet 06.05.2025 15:15:53

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.

10

CVE-2018-15958

  • EPSS 39.98%
  • Veröffentlicht 25.09.2018 13:29:01
  • Zuletzt bearbeitet 06.05.2025 15:15:53

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.

10

CVE-2018-15959

  • EPSS 39.98%
  • Veröffentlicht 25.09.2018 13:29:01
  • Zuletzt bearbeitet 06.05.2025 15:15:53

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.