Filter
AND

Adobe ColdFusionAdobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are a…

critical
9.8
First published (updated )
CVE-2023-38204

Adobe ColdFusionColdFusion | Improper Access Control (CWE-284)

medium
5.3
First published (updated )
CVE-2023-38206

Adobe ColdFusionColdFusion CFIDE Improper Access Control Leads To Privilege Escalation

high
7.4
First published (updated )
CVE-2021-40699

Adobe ColdFusionColdFusion Use of Inherently Dangerous Function Leads To Security feature bypass

high
7.4
First published (updated )
CVE-2021-40698

Adobe ColdFusionAdobe ColdFusion Deserialization of Untrusted Data Vulnerability

critical
9.8
Exploited
First published (updated )
CVE-2023-38203

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Adobe ColdFusionAdobe ColdFusion Improper Access Control Vulnerability

high
7.5
Exploited
First published (updated )
CVE-2023-38205

Adobe ColdFusionAdobe ColdFusion Deserialization of Untrusted Data Vulnerability

critical
9.8
Exploited
First published (updated )
CVE-2023-29300

Adobe ColdFusionAdobe ColdFusion Improper Access Control Vulnerability

high
7.5
Exploited
First published (updated )
CVE-2023-29298

Adobe ColdFusionAdobe ColdFusion Improper Restriction of Excessive Authentication Attempts Security feature bypass

high
7.5
First published (updated )
CVE-2023-29301

Adobe ColdFusionAdobe ColdFusion Directory Traversal Arbitrary file system read Vulnerability

medium
4.9
First published (updated )
CVE-2023-26361

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Adobe ColdFusionAdobe ColdFusion Deserialization of Untrusted Data Vulnerability

critical
9.8
Exploited
First published (updated )
CVE-2023-26359

Adobe ColdFusionAdobe ColdFusion Deserialization of Untrusted Data Vulnerability

critical
9.8
Exploited
First published (updated )
CVE-2023-26360

Adobe ColdFusionBuffer Overflow

critical
9.8
First published (updated )
CVE-2022-35690

Adobe ColdFusionAdobe ColdFusion Improper Restriction of XML External Entity Reference Arbitrary file system read

high
7.5
First published (updated )
CVE-2022-42341

Adobe ColdFusionAdobe ColdFusion Application Server Directory Traversal Arbitrary file system write

high
7.2
First published (updated )
CVE-2022-38424

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Adobe ColdFusionAdobe ColdFusion Application Server Directory Traversal Information Disclosure Vulnerability

medium
4.9
First published (updated )
CVE-2022-38423

Adobe ColdFusionAdobe ColdFusion Application Server Directory Traversal Information Disclosure Vulnerability

high
7.5
First published (updated )
CVE-2022-38422

Adobe ColdFusionAdobe ColdFusion Improper Input Validation Arbitrary file system read

high
7.5
First published (updated )
CVE-2022-42340

Adobe ColdFusionAdobe ColdFusion Use of Hard-coded Credentials Application denial-of-service

high
7.5
First published (updated )
CVE-2022-38420

Adobe ColdFusionAdobe ColdFusion Application Server Directory Traversal Remote Code Execution Vulnerability

high
7.2
First published (updated )
CVE-2022-38421

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Adobe ColdFusionAdobe ColdFusion Solr Service XML External Entity Processing Arbitrary file system read

high
7.5
First published (updated )
CVE-2022-38419

Adobe ColdFusionAdobe ColdFusion ODBC Server Heap-based Buffer Overflow Remote Code Execution Vulnerability

critical
9.8
First published (updated )
CVE-2022-35711

Adobe ColdFusionAdobe ColdFusion ODBC Server Stack-based Buffer Overflow Remote Code Execution Vulnerability

critical
9.8
First published (updated )
CVE-2022-35710

Adobe ColdFusionAdobe ColdFusion ODBC Agent Heap-based Buffer Overflow Remote Code Execution Vulnerability

critical
9.8
First published (updated )
CVE-2022-35712

Adobe ColdFusionAdobe ColdFusion Application Server Directory Traversal Remote Code Execution Vulnerability

critical
9.8
First published (updated )
CVE-2022-38418

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Adobe ColdFusionColdFusion Reflected Cross-Site Scripting could lead to Arbitrary Code Execution

medium
6.1
First published (updated )
CVE-2022-28818

Adobe ColdFusionColdFusion Improper neutralization of web input during page generation could lead to arbitrary JavaScript execution in the browser

medium
5.4
First published (updated )
CVE-2021-21087

Adobe ColdFusionAdobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versi…

high
7.8
First published (updated )
CVE-2020-9673

Adobe ColdFusionAdobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versi…

high
7.8
First published (updated )
CVE-2020-9672

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203