Adobe

Coldfusion

208 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2023-38206

  • EPSS 0.09%
  • Veröffentlicht 14.09.2023 08:15:07
  • Zuletzt bearbeitet 21.11.2024 08:13:05

Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to a...

7.4

CVE-2021-40698

  • EPSS 0.12%
  • Veröffentlicht 07.09.2023 13:15:07
  • Zuletzt bearbeitet 21.11.2024 06:24:35

ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass  . An authenticated attacker could leverage this vulner...

7.4

CVE-2021-40699

  • EPSS 0.23%
  • Veröffentlicht 07.09.2023 13:15:07
  • Zuletzt bearbeitet 21.11.2024 06:24:35

ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an improper access control vulnerability when checking permissions in the CFIDE path. An authenticated attacker could leverage this vulnerability to acc...

9.8

CVE-2023-38203

Warnung
  • EPSS 94.24%
  • Veröffentlicht 20.07.2023 16:15:12
  • Zuletzt bearbeitet 23.10.2025 11:13:14

Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier) and 2023u1 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not requir...

7.5

CVE-2023-29298

Warnung
  • EPSS 94.29%
  • Veröffentlicht 12.07.2023 16:15:11
  • Zuletzt bearbeitet 23.10.2025 11:11:19

Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerabi...

9.8

CVE-2023-29300

Warnung
  • EPSS 93.68%
  • Veröffentlicht 12.07.2023 16:15:11
  • Zuletzt bearbeitet 23.10.2025 11:13:06

Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does n...

7.5

CVE-2023-29301

  • EPSS 0.43%
  • Veröffentlicht 12.07.2023 16:15:11
  • Zuletzt bearbeitet 21.11.2024 07:56:49

Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Restriction of Excessive Authentication Attempts vulnerability that could result in a Security feature bypass. An atta...

9.8

CVE-2023-26359

Warnung
  • EPSS 81%
  • Veröffentlicht 23.03.2023 20:15:15
  • Zuletzt bearbeitet 23.10.2025 11:12:54

Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of...

9.8

CVE-2023-26360

Warnung Exploit
  • EPSS 94.33%
  • Veröffentlicht 23.03.2023 20:15:15
  • Zuletzt bearbeitet 23.10.2025 11:12:47

Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this iss...

4.9

CVE-2023-26361

  • EPSS 14.69%
  • Veröffentlicht 23.03.2023 20:15:15
  • Zuletzt bearbeitet 21.11.2024 07:51:12

Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could result in Arbitrary file system read. Ex...