Microsoft Exchange Server 代码注入漏洞

Microsoft Exchange Server is a set of email service programs provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There is a code injection vulnerability in Microsoft Exchange Server. Attackers can explo...

Microsoft Exchange Server 跨站脚本漏洞

Microsoft Exchange Server is a email service program provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There are code vulnerabilities in Microsoft Exchange Server. Attackers can exploit these...

Microsoft Exchange Server 安全漏洞

Microsoft Exchange Server is a email service program provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There are security vulnerabilities in Microsoft Exchange Server. Attackers use these...

CVE-2025-40809

A vulnerability has been identified in Solid Edge SE2024 All versions V224.0 Update 14, Solid Edge SE2025 All versions V225.0 Update 6. The affected applications contains an out of bounds write vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the...

CVE-2025-40811

A vulnerability has been identified in Solid Edge SE2024 All versions V224.0 Update 14, Solid Edge SE2025 All versions V225.0 Update 6. The affected applications contains an out of bounds read vulnerability while parsing specially crafted PRT files. This could allow an attacker to crash the...

Microsoft Exchange Server 安全漏洞

Microsoft Exchange Server is a set of e-mail service programs from the American Microsoft Corporation Microsoft. It provides email access, storage, forwarding, voice mail, email filtering and screening. A security vulnerability exists in Microsoft Exchange Server. The vulnerability is exploited b...

CVE-2025-38015

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix memory leak in error handling path of idxdalloc Memory allocated for idxd is not freed if an error occurs during idxdalloc. To fix it, free the allocated memory in the reverse order of allocation before exiti...

PT-2023-24579

Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.3.0 through 7.4.0 Liferay DXP 7.3 before update 14 Description A cross-site scripting XSS issue exists in the App Builder module's custom object details page, allowing remote attackers to inject arbitrary web script o...

CVE-2022-38423

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in information disclosure. Exploitation of this issue does not require user interaction, but doe...

CVE-2022-38419

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could result in arbitrary file system read. Exploitation of this issue does not require user interaction...

CVE-2022-35712

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is...

Xxe

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could result in arbitrary file system read. Exploitation of this issue does not require user interaction...

Path traversal

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in information disclosure. Exploitation of this issue does not require user interaction...

Hardcoded credentials

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Use of Hard-coded Credentials vulnerability that could result in application denial-of-service by gaining access to start/stop arbitrary services. Exploitation of this issue does not require user interactio...

Path traversal

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in arbitrary file system write. Exploitation of this issue does not require user interaction, bu...

CVE-2022-42340 Adobe ColdFusion Improper Input Validation Arbitrary file system read

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary file system read. Exploitation of this issue does not require user interaction...

CVE-2022-42340

Adobe ColdFusion is affected by CVE-2022-42340 due to an Improper Input Validation vulnerability that enables arbitrary file system reads. According to the connected advisories, the issue impacts ColdFusion versions prior to the security updates in APSB22-44 (notably older Update 14 and Update 4 ...

CVE-2022-38421 Adobe ColdFusion Application Server Directory Traversal Remote Code Execution Vulnerability

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does...

CVE-2022-38419 Adobe ColdFusion Solr Service XML External Entity Processing Arbitrary file system read

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could result in arbitrary file system read. Exploitation of this issue does not require user interaction...

CVE-2022-35711 Adobe ColdFusion ODBC Server Heap-based Buffer Overflow Remote Code Execution Vulnerability

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is...