Filtered by vendor Adobe
Subscriptions
Filtered by product Coldfusion
Subscriptions
Total
151 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-4942 | 1 Adobe | 1 Coldfusion | 2024-11-21 | 7.5 High |
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Unsafe XML External Entity Processing vulnerability. Successful exploitation could lead to information disclosure. | ||||
CVE-2018-4941 | 1 Adobe | 1 Coldfusion | 2024-11-21 | 6.1 Medium |
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Cross-Site Scripting vulnerability. Successful exploitation could lead to information disclosure. | ||||
CVE-2018-4940 | 1 Adobe | 1 Coldfusion | 2024-11-21 | 6.1 Medium |
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Cross-Site Scripting vulnerability. Successful exploitation could lead to information disclosure. | ||||
CVE-2018-4939 | 1 Adobe | 1 Coldfusion | 2024-11-21 | 9.8 Critical |
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Deserialization of Untrusted Data vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
CVE-2018-4938 | 1 Adobe | 1 Coldfusion | 2024-11-21 | 7.8 High |
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Insecure Library Loading vulnerability. Successful exploitation could lead to local privilege escalation. | ||||
CVE-2018-15965 | 1 Adobe | 1 Coldfusion | 2024-11-21 | N/A |
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
CVE-2018-15964 | 1 Adobe | 1 Coldfusion | 2024-11-21 | N/A |
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a use of a component with a known vulnerability vulnerability. Successful exploitation could lead to information disclosure. | ||||
CVE-2018-15963 | 1 Adobe | 1 Coldfusion | 2024-11-21 | N/A |
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary folder creation. | ||||
CVE-2018-15962 | 1 Adobe | 1 Coldfusion | 2024-11-21 | N/A |
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a directory listing vulnerability. Successful exploitation could lead to information disclosure. | ||||
CVE-2018-15961 | 1 Adobe | 1 Coldfusion | 2024-11-21 | 9.8 Critical |
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
CVE-2018-15960 | 1 Adobe | 1 Coldfusion | 2024-11-21 | N/A |
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a use of a component with a known vulnerability vulnerability. Successful exploitation could lead to arbitrary file overwrite. | ||||
CVE-2018-15959 | 1 Adobe | 1 Coldfusion | 2024-11-21 | N/A |
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
CVE-2018-15958 | 1 Adobe | 1 Coldfusion | 2024-11-21 | N/A |
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
CVE-2018-15957 | 1 Adobe | 1 Coldfusion | 2024-11-21 | N/A |
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
CVE-2017-3066 | 1 Adobe | 1 Coldfusion | 2024-11-21 | 9.8 Critical |
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeDS library. Successful exploitation could lead to arbitrary code execution. | ||||
CVE-2017-3008 | 1 Adobe | 1 Coldfusion | 2024-11-21 | 6.1 Medium |
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a reflected cross-site scripting vulnerability. | ||||
CVE-2017-11286 | 1 Adobe | 1 Coldfusion | 2024-11-21 | 7.5 High |
Adobe ColdFusion has an XML external entity (XXE) injection vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. | ||||
CVE-2017-11285 | 1 Adobe | 1 Coldfusion | 2024-11-21 | 6.1 Medium |
Adobe ColdFusion has a cross-site scripting (XSS) vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. | ||||
CVE-2017-11284 | 1 Adobe | 1 Coldfusion | 2024-11-21 | 9.8 Critical |
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. | ||||
CVE-2017-11283 | 1 Adobe | 1 Coldfusion | 2024-11-21 | 9.8 Critical |
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. |