13 matches found
EUVD-2005-1025
Malware in sbrugna...
EUVD-2018-16727
Malware in sbrugna...
EUVD-2005-4338
Malware in sbrugna...
EUVD-2024-34635
Malicious code in bioql PyPI...
CVE-2025-49541
ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they...
CVE-2025-49536
ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of...
CVE-2025-49536 ColdFusion | Incorrect Authorization (CWE-863)
ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of...
CVE-2025-43561 ColdFusion | Incorrect Authorization (CWE-863)
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability to bypass authentication mechanisms and...
Adobe ColdFusion Information Disclosure Vulnerability (CNVD-2025-07807)
Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. Adobe ColdFusion has an information disclosure vulnerability that can be exploited by attackers to caus...
CVE-2025-30294
CVE-2025-30294 affects Adobe ColdFusion 2023.12, 2021.18, 2025.0 and earlier. Root cause: Improper Input Validation leading to a security feature bypass. Impact: high-privileged attacker could bypass protections and gain unauthorized read access; exploitation does not require user interaction. Af...
CVE-2025-30281 ColdFusion | Improper Access Control (CWE-284)
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution. A high-privileged attacker could leverage this vulnerability to access or modify sensitive data without proper authorization. Exploitati...
Adobe ColdFusion Cross-Site Scripting Vulnerability (CNVD-2021-30491)
Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. A security vulnerability exists in Adobe ColdFusion. An attacker could exploit the vulnerability to...
CVE-2000-0382
ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which may provide sensitive information to the redirected site...