CVE-2021-25517

An improper input validation vulnerability in LDFW prior to SMR Dec-2021 Release 1 allows attackers to perform arbitrary code execution...

CVE-2021-43175

The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 exposes an API router that accepts a username, password, and action that routes to other PHP files that implement the various API functions. Vulnerable versions of GOautodial validate the username and password incorrectly,...

CVE-2020-10368

Certain Cypress and Broadcom Wireless Combo chips, when a January 2021 firmware update is not present, allow memory read access via a "Spectra" attack...

CVE-2020-10368

Certain Cypress and Broadcom Wireless Combo chips, when a January 2021 firmware update is not present, allow memory read access via a "Spectra" attack...

CVE-2020-10369

CVE-2020-10369 affects Cypress (and Broadcom) Wireless Combo chips. The connected Red Hat, CIRCL, NVD and related feeds describe a memory-content inference vulnerability via a Spectra attack when a January 2021 firmware update is not present. The vulnerability is tied to these wireless combo comp...

CVE-2024-20767 Adobe Coldfusion Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CVE-2024-20767 - Adobe Coldfusion Arbitrary File Read', 'Description' = %q This module exploits an Improper Access Vulnerability in Adobe...

Vulnerability fixed in Adobe ColdFusion

Adobe has fixed a vulnerability in ColdFusion. A malicious party can exploit the vulnerability to bypass a security measure to bypass the vulnerability and thus gain access to sensitive data in the affected Adobe ColdFusion application. Adobe has released updates to fix the vulnerability in...

Vulnerabilities fixed in Adobe Coldfusion

Adobe has fixed vulnerabilities in Coldfusion. A unauthenticated remote malicious person could exploit them to bypass a security measure and execute arbitrary execute arbitrary code with permissions from the application that uses Coldfusion uses and thus potentially gain access to sensitive data...

Vulnerability fixed in Adobe ColdFusion

Adobe has fixed a vulnerability in ColdFusion. A malicious party can exploit the vulnerability to execute arbitrary code execute arbitrary code with permissions from the application using ColdFusion. Due to the nature of such applications, it cannot be be ruled out that this would allow the...

Deserialization of untrusted data

Adobe ColdFusion versions 2018 Update 15 and earlier and 2021 Update 5 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...

Path traversal

Adobe ColdFusion versions 2018 Update 15 and earlier and 2021 Update 5 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in Arbitrary file system read. Exploitation of this issue does not require user...

PT-2023-1943 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: Adobe ColdFusion versions 2018 Update 15 and earlier and 2021 Update 5 and earlier Description: The issue is related to a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the...

SUSE CVE-2020-10367

Certain Cypress and Broadcom Wireless Combo chips, when a January 2021 firmware update is not present, allow memory access via a "Spectra" attack...

2021-11 Cumulative Update for Azure Stack HCI, version 20H2 and Windows Server 2019 Datacenter: Azure Edition for x64-based Systems (KB5007187)

Install this update to resolve issues in Azure Stack HCI, version 20H2 and Windows Server 2019 Datacenter: Azure Edition. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, y...

Adobe ColdFusion 2018.x < 2018 Update 12 / 2021.x < 2021 Update 2 Multiple Vulnerabilities (APSB21-75)

The version of Adobe ColdFusion installed on the remote Windows host is prior to 2018.x update 12 or 2021.x update 2. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB21-75 advisory including the following: - A vulnerability exists in Adobe Coldfusion due to the usa...

CVE-2021-40444

Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker could craft a malicious Active...

2021-08 Cumulative Update for Windows 10 Version 2004 for ARM64-based Systems (KB5005033)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

Acronis True Image 安全漏洞

Acronis True Image is a famous data backup and restore software from Acronis Singapore. The software can be used to create drive and disk images and can restore the image when a clean system is needed. Acronis True Image A security vulnerability exists in version 2021 Update 4 and earlier for...

Design/Logic Flaw

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option...

Improper access control

Improper access control vulnerability in Tizen FOTA service prior to Firmware update JUL-2021 Release allows attackers to arbitrary code execution by replacing FOTA update file...