Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
coldfusion vulnerabilities and exploits
(subscribe to this query)
8.2
CVSSv3
CVE-2024-20767
ColdFusion versions 2023.6, 2021.12 and previous versions are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to sensitive fi...
4 Github repositories
5.5
CVSSv3
CVE-2023-44347
Adobe InDesign versions ID18.5 (and previous versions) and ID17.4.2 (and previous versions) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the cu...
7.5
CVSSv3
CVE-2023-26347
Adobe ColdFusion versions 2023.5 (and previous versions) and 2021.11 (and previous versions) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to access the admini...
Adobe Coldfusion 2021
Adobe Coldfusion 2023
Adobe Coldfusion
9.8
CVSSv3
CVE-2023-44350
Adobe ColdFusion versions 2023.5 (and previous versions) and 2021.11 (and previous versions) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
Adobe Coldfusion 2021
Adobe Coldfusion 2023
Adobe Coldfusion
9.8
CVSSv3
CVE-2023-44351
Adobe ColdFusion versions 2023.5 (and previous versions) and 2021.11 (and previous versions) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
Adobe Coldfusion 2021
Adobe Coldfusion 2023
Adobe Coldfusion
6.1
CVSSv3
CVE-2023-44352
Adobe ColdFusion versions 2023.5 (and previous versions) and 2021.11 (and previous versions) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an unauthenticated attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious J...
Adobe Coldfusion 2021
Adobe Coldfusion 2023
Adobe Coldfusion
9.8
CVSSv3
CVE-2023-44353
Adobe ColdFusion versions 2023.5 (and previous versions) and 2021.11 (and previous versions) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.
Adobe Coldfusion 2021
Adobe Coldfusion 2023
Adobe Coldfusion
4.3
CVSSv3
CVE-2023-44355
Adobe ColdFusion versions 2023.5 (and previous versions) and 2021.11 (and previous versions) are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An unauthenticated attacker could leverage this vulnerability to impact a minor ...
Adobe Coldfusion 2021
Adobe Coldfusion 2023
Adobe Coldfusion
9.8
CVSSv3
CVE-2023-38204
Adobe ColdFusion versions 2018u18 (and previous versions), 2021u8 (and previous versions) and 2023u2 (and previous versions) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not requir...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion 2023
7.5
CVSSv3
CVE-2023-38205
Adobe ColdFusion versions 2018u18 (and previous versions), 2021u8 (and previous versions) and 2023u2 (and previous versions) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to a...
Adobe Coldfusion 2018
Adobe Coldfusion 2021
Adobe Coldfusion 2023
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »