42 matches found
CVE-2022-35711 Adobe ColdFusion ODBC Server Heap-based Buffer Overflow Remote Code Execution Vulnerability
Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is...
CVE-2022-38418
CVE-2022-38418 affects Adobe ColdFusion versions Update 14 and earlier, and Update 4 and earlier. The issue is an improper limitation of a pathname to a restricted directory (path traversal) that could allow arbitrary code execution in the context of the current user. Exploitation does not requir...
CVE-2022-38418 Adobe ColdFusion Application Server Directory Traversal Remote Code Execution Vulnerability
Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does...
CVE-2022-35710 Adobe ColdFusion ODBC Server Stack-based Buffer Overflow Remote Code Execution Vulnerability
Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is...
CVE-2022-35690 Adobe ColdFusion ODBC Agent Stack-based Buffer Overflow Remote Code Execution Vulnerability
Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is...
CVE-2022-35712 Adobe ColdFusion ODBC Agent Heap-based Buffer Overflow Remote Code Execution Vulnerability
Adobe ColdFusion versions Update 14 and earlier and Update 4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is...
Product update: Virtuozzo Hybrid Server 7.0 Update 14 Hotfix 2 (7.0.14-258)
The Hotfix 2 for Virtuozzo Hybrid Server 7.0 Update 14 provides security, stability, and usability bug fixes. Vulnerability id: PSBM-106197, CVE-2019-20839, CVE-2019-20840, CVE-2020-14396, CVE-2020-14397, CVE-2020-14398, CVE-2020-14399, CVE-2020-14400, CVE-2020-14401, CVE-2020-14402,...
Product update: Virtuozzo Hybrid Server 7.0 Update 14 Hotfix 1 (7.0.14-257)
The Hotfix 1 for Virtuozzo Hybrid Server 7.0 Update 14 provides stability and usability bug fixes. Vulnerability id: PSBM-105022 Unable to live-migrate VMs with dirty bitmaps on Virtuozzo Storage. Vulnerability id: PSBM-104631, PSBM-104632 CS journals to be placed on SSDs are now properly handled...
KLA11685 Spoofing vulnerability in Microsoft Exchange Server
A spoofing vulnerability was found in Microsoft Exchange Server. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2020-0903 Related products Microsoft-Exchange-Server CVE list CVE-2020-0903 warning KB list 4540123 Solution Install necessary updates...
CVE-2018-15961
Adobe ColdFusion versions July 12 release 2018.0.0.310739, Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2018-15961
Adobe ColdFusion versions July 12 release 2018.0.0.310739, Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2018-15959
Adobe ColdFusion versions July 12 release 2018.0.0.310739, Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2018-15959
CVE-2018-15959 describes an insecure deserialization vulnerability in Adobe ColdFusion. The issue affects ColdFusion versions released July 12, 2018 (2018.0.0.310739) and Update 6 and earlier, as well as Update 14 and earlier, where deserializing untrusted data can lead to arbitrary code executio...
Adobe ColdFusion 11.x < 11u14 / 2016.x < 2016u6 Multiple Vulnerabilities (APSB18-14)
The version of Adobe ColdFusion running on the remote Windows host is 11.x prior to update 14 or 2016.x prior to update 6. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid109017; scriptversion"1.9";...
Adobe ColdFusion Multiple Vulnerabilities (APSB18-14)
Adobe ColdFusion is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:coldfusion";...
APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14 Java for OS X 2013-002 and Mac OS X v10.6 Update 14 are now available and address the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 o...
Mac OS X : Java for Mac OS X 10.6 Update 14
The remote Mac OS X host has a version of Java for Mac OS X 10.6 that is missing Update 14, which updates the Java version to 1.6.043. It is, therefore, affected by two security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code with the...
CVE-2008-1193
Unspecified vulnerability in Java Runtime Environment Image Parsing Library in Sun JDK and JRE 6 Update 4 and earlier, and 5.0 Update 14 and earlier, allows remote attackers to gain privileges via an untrusted application...
CVE-2007-0012
CVE-2007-0012 affects Sun JRE 5.0 before update 14. An issue in the jpiexp32.dll can trigger a NULL pointer dereference when an HTML object tag encodes a Java applet without a defined name attribute, potentially crashing Internet Explorer/JRE. Exploitation described as remote and requiring a user...
Solaris 5.9 (x86) : 120190-19
StarSuite 8 Solarisx86: Update 14. Date this patch was last updated by Sun : Sep/11/09 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...