Lucene search
K

42 matches found

Cvelist
Cvelist
added 2022/10/14 7:42 p.m.32 views

CVE-2022-35711 Adobe ColdFusion ODBC Server Heap-based Buffer Overflow Remote Code Execution Vulnerability

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is...

9.8CVSS9.8AI score0.73487EPSS
Exploits0References1
CVE
CVE
added 2022/10/14 7:42 p.m.81 views

CVE-2022-38418

CVE-2022-38418 affects Adobe ColdFusion versions Update 14 and earlier, and Update 4 and earlier. The issue is an improper limitation of a pathname to a restricted directory (path traversal) that could allow arbitrary code execution in the context of the current user. Exploitation does not requir...

9.8CVSS9.6AI score0.80023EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/10/14 7:42 p.m.27 views

CVE-2022-38418 Adobe ColdFusion Application Server Directory Traversal Remote Code Execution Vulnerability

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does...

9.8CVSS9.8AI score0.80023EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/10/14 7:42 p.m.27 views

CVE-2022-35710 Adobe ColdFusion ODBC Server Stack-based Buffer Overflow Remote Code Execution Vulnerability

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is...

9.8CVSS9.8AI score0.42577EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/10/14 7:42 p.m.23 views

CVE-2022-35690 Adobe ColdFusion ODBC Agent Stack-based Buffer Overflow Remote Code Execution Vulnerability

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is...

9.8CVSS9.8AI score0.72213EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/10/14 7:42 p.m.25 views

CVE-2022-35712 Adobe ColdFusion ODBC Agent Heap-based Buffer Overflow Remote Code Execution Vulnerability

Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is...

9.8CVSS9.8AI score0.36753EPSS
Exploits0References1
Virtuozzo
Virtuozzo
added 2020/08/19 12:0 a.m.58 views

Product update: Virtuozzo Hybrid Server 7.0 Update 14 Hotfix 2 (7.0.14-258)

The Hotfix 2 for Virtuozzo Hybrid Server 7.0 Update 14 provides security, stability, and usability bug fixes. Vulnerability id: PSBM-106197, CVE-2019-20839, CVE-2019-20840, CVE-2020-14396, CVE-2020-14397, CVE-2020-14398, CVE-2020-14399, CVE-2020-14400, CVE-2020-14401, CVE-2020-14402,...

7.5CVSS7.4AI score0.03589EPSS
Exploits0References12
Virtuozzo
Virtuozzo
added 2020/07/07 12:0 a.m.26 views

Product update: Virtuozzo Hybrid Server 7.0 Update 14 Hotfix 1 (7.0.14-257)

The Hotfix 1 for Virtuozzo Hybrid Server 7.0 Update 14 provides stability and usability bug fixes. Vulnerability id: PSBM-105022 Unable to live-migrate VMs with dirty bitmaps on Virtuozzo Storage. Vulnerability id: PSBM-104631, PSBM-104632 CS journals to be placed on SSDs are now properly handled...

7AI score
Exploits0
Kaspersky
Kaspersky
added 2020/03/10 12:0 a.m.296 views

KLA11685 Spoofing vulnerability in Microsoft Exchange Server

A spoofing vulnerability was found in Microsoft Exchange Server. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2020-0903 Related products Microsoft-Exchange-Server CVE list CVE-2020-0903 warning KB list 4540123 Solution Install necessary updates...

5.4CVSS7.4AI score0.01649EPSS
Exploits0References4
OSV
OSV
added 2018/09/25 1:29 p.m.3 views

CVE-2018-15961

Adobe ColdFusion versions July 12 release 2018.0.0.310739, Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution...

9.8CVSS7.5AI score0.9995EPSS
Exploits11References5
NVD
NVD
added 2018/09/25 1:29 p.m.16 views

CVE-2018-15961

Adobe ColdFusion versions July 12 release 2018.0.0.310739, Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution...

10CVSS9.8AI score0.9995EPSS
Exploits11References5
NVD
NVD
added 2018/09/25 1:29 p.m.25 views

CVE-2018-15959

Adobe ColdFusion versions July 12 release 2018.0.0.310739, Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution...

10CVSS9.7AI score0.25856EPSS
Exploits0References3
CVE
CVE
added 2018/09/25 1:0 p.m.57 views

CVE-2018-15959

CVE-2018-15959 describes an insecure deserialization vulnerability in Adobe ColdFusion. The issue affects ColdFusion versions released July 12, 2018 (2018.0.0.310739) and Update 6 and earlier, as well as Update 14 and earlier, where deserializing untrusted data can lead to arbitrary code executio...

10CVSS9.6AI score0.25856EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/04/12 12:0 a.m.71 views

Adobe ColdFusion 11.x < 11u14 / 2016.x < 2016u6 Multiple Vulnerabilities (APSB18-14)

The version of Adobe ColdFusion running on the remote Windows host is 11.x prior to update 14 or 2016.x prior to update 6. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid109017; scriptversion"1.9";...

10CVSS7.2AI score0.63304EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2018/04/12 12:0 a.m.89 views

Adobe ColdFusion Multiple Vulnerabilities (APSB18-14)

Adobe ColdFusion is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:coldfusion";...

10CVSS7AI score0.63304EPSS
Exploits1References3
securityvulns
securityvulns
added 2013/03/11 12:0 a.m.122 views

APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14 Java for OS X 2013-002 and Mac OS X v10.6 Update 14 are now available and address the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 o...

10CVSS0.2AI score0.86151EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2013/03/05 12:0 a.m.56 views

Mac OS X : Java for Mac OS X 10.6 Update 14

The remote Mac OS X host has a version of Java for Mac OS X 10.6 that is missing Update 14, which updates the Java version to 1.6.043. It is, therefore, affected by two security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code with the...

10CVSS8.2AI score0.86151EPSS
Exploits10References9
UbuntuCve
UbuntuCve
added 2008/03/06 9:44 p.m.27 views

CVE-2008-1193

Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application...

9.3CVSS5.9AI score0.12501EPSS
Exploits1References1
CVE
CVE
added 2008/01/09 11:0 p.m.94 views

CVE-2007-0012

CVE-2007-0012 affects Sun JRE 5.0 before update 14. An issue in the jpiexp32.dll can trigger a NULL pointer dereference when an HTML object tag encodes a Java applet without a defined name attribute, potentially crashing Internet Explorer/JRE. Exploitation described as remote and requiring a user...

4.3CVSS6.5AI score0.01882EPSS
Exploits1References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2006/11/06 12:0 a.m.250 views

Solaris 5.9 (x86) : 120190-19

StarSuite 8 Solarisx86: Update 14. Date this patch was last updated by Sun : Sep/11/09 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...

8.1AI score0.14347EPSS
Exploits4References12
Rows per page
Query Builder