23 matches found
EUVD-2014-8991
Malware in sbrugna...
EUVD-2001-1101
Malware in sbrugna...
EUVD-2016-2218
Malware in sbrugna...
EUVD-2021-27864
Malicious code in bioql PyPI...
Adobe ColdFusion < 2021.x < 2021u21 / 2023.x < 2023u15 / 2025.x < 2025u3 Multiple Vulnerabilities (APSB25-69)
The version of Adobe ColdFusion installed on the remote Windows host is prior to 2021.x update 21, 2023.x update 15, or 2025.x update 3. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-69 advisory. - ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are...
Vulnerabilities fixed in Adobe ColdFusion
Adobe has fixed vulnerabilities in ColdFusion Specifically for versions 25.2, 23.14, 21.20 and earlier. The vulnerabilities in ColdFusion include a significant vulnerability related to improper restriction of XML External Entity Reference XXE, hard-coded credentials, improper authorization, XML...
APSB25-69 : Security update available for Adobe ColdFusion
Adobe has released security updates for ColdFusion versions 2025, 2023 and 2021. These updates resolve critical, important and moderate vulnerabilities that could lead to arbitrary file system read, arbitrary code execution, privilege escalation, security feature bypass and application...
Adobe ColdFusion 2021.x < 2021u20 / 2023.x < 2023u14 / 2025.x < 2025u2 Multiple Vulnerabilities (APSB25-52)
The version of Adobe ColdFusion installed on the remote Windows host is prior to 2021.x update 20, 2023.x update 14, or 2025.x update 2. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-52 advisory. - ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are...
Vulnerabilities fixed in Adobe ColdFusion
Adobe has fixed vulnerabilities in ColdFusion Versions 2025.1, 2023.13, 2021.19 and earlier. The vulnerabilities are in the way ColdFusion handles input validation and authorization. Highly privileged attackers can execute arbitrary code without user interaction, which can lead to unauthorized...
Adobe ColdFusion 2021.x < 2021u19 / 2023.x < 2023u13 / 2025.x < 2025u1 Multiple Vulnerabilities (APSB25-15)
The version of Adobe ColdFusion installed on the remote Windows host is prior to 2021.x update 19, 2023.x update 13, or 2025.x update 1. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB25-15 advisory. - Improper Authentication CWE-287 potentially leading to Arbitra...
Vulnerabilities fixed in Adobe ColdFusion
Adobe has fixed vulnerabilities in ColdFusion Specifically for versions 2023.12, 2021.18, 2025.0 and earlier. The vulnerabilities are in the way ColdFusion handles input validation, authentication, access and deserialization of untrusted data. Malicious parties can exploit these vulnerabilities t...
Adobe Patches 11 Critical ColdFusion Flaws Amid 30 Total Vulnerabilities Discovered
Adobe has released security updates to fix a fresh set of security flaws, including multiple critical-severity bugs in ColdFusion versions 2025, 2023 and 2021 that could result in arbitrary file read and code execution. Of the 30 flaws in the product, 11 are rated Critical in severity -...
CVE-2025-24447
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user resulting in a High impact to Confidentiality and Integrity. Exploitation of this issue does...
PoC Exploit Released for Critical VMware Aria's SSH Auth Bypass Vulnerability
Proof-of-concept PoC exploit code has been made available for a recently disclosed and patched critical flaw impacting VMware Aria Operations for Networks formerly vRealize Network Insight. The flaw, tracked as CVE-2023-34039, is rated 9.8 out of a maximum of 10 for severity and has been describe...
Vulnerabilities fixed in Adobe ColdFusion
Adobe has fixed vulnerabilities in ColdFusion. A malicious party could exploit the vulnerabilities to execute arbitrary code execute application privileges to gain access to sensitive data. Of the vulnerability with reference CVE-2023-26360, Adobe indicates information that it has already been...
EEYE: Macromedia ColdFusion/JRun Remote SYSTEM Buffer Overflow Vulnerabilities
Macromedia ColdFusion/JRun Remote SYSTEM Buffer Overflow Vulnerabilities Release Date: November 12, 2002 Severity: High Remote SYSTEM level code execution Systems Affected: Macromedia Coldfusion 6.0 and prior IIS ISAPI Macromedia JRun 4.0 and prior IIS ISAPI Description: Macromedia JRun and...
CVE-2001-1120
Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to 1 read or delete arbitrary files, or 2 overwrite ColdFusion Server templates...
ISSalert: ISS Advisory: Remote Vulnerabilities in Macromedia ColdFusion Example Applications
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to [email protected] Contact [email protected] for help with any problems! --------------------------------------------------------------------------- -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security...
Дырки в ColdFusion (file access)
Уязвимости в демонстрационных приложениях...
CVE-2001-1120
Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to 1 read or delete arbitrary files, or 2 overwrite ColdFusion Server templates...