CVE-2018-4938
- EPSS 0.73%
- Veröffentlicht 19.05.2018 17:29:01
- Zuletzt bearbeitet 06.05.2025 15:15:56
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Insecure Library Loading vulnerability. Successful exploitation could lead to local privilege escalation.
- EPSS 63.3%
- Veröffentlicht 19.05.2018 17:29:01
- Zuletzt bearbeitet 23.10.2025 11:12:36
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Deserialization of Untrusted Data vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2018-4940
- EPSS 1.79%
- Veröffentlicht 19.05.2018 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:07:45
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Cross-Site Scripting vulnerability. Successful exploitation could lead to information disclosure.
CVE-2018-4941
- EPSS 1.79%
- Veröffentlicht 19.05.2018 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:07:45
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Cross-Site Scripting vulnerability. Successful exploitation could lead to information disclosure.
CVE-2018-4942
- EPSS 4.06%
- Veröffentlicht 19.05.2018 17:29:01
- Zuletzt bearbeitet 06.05.2025 15:15:56
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Unsafe XML External Entity Processing vulnerability. Successful exploitation could lead to information disclosure.
CVE-2017-11283
- EPSS 42.72%
- Veröffentlicht 01.12.2017 08:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11.
CVE-2017-11284
- EPSS 42.72%
- Veröffentlicht 01.12.2017 08:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11.
CVE-2017-11285
- EPSS 2.73%
- Veröffentlicht 01.12.2017 08:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Adobe ColdFusion has a cross-site scripting (XSS) vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11.
CVE-2017-11286
- EPSS 8.48%
- Veröffentlicht 01.12.2017 08:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Adobe ColdFusion has an XML external entity (XXE) injection vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11.
CVE-2017-3008
- EPSS 3.09%
- Veröffentlicht 27.04.2017 14:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a reflected cross-site scripting vulnerability.