Lucene search
K

694 matches found

EUVD
EUVD
added 2 hours ago2 views

EUVD-2026-44563

Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.5AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-48287

CAI Content Credentials is affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue requires user interaction in that a victim must...

7.4CVSS6.5AI score
Exploits0References2
EUVD
EUVD
added yesterday3 views

EUVD-2026-44553

ColdFusion is affected by an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.1CVSS6.5AI score
Exploits0References1
EUVD
EUVD
added yesterday2 views

EUVD-2026-44550

ColdFusion is affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9CVSS6.5AI score
Exploits0References1
EUVD
EUVD
added yesterday3 views

EUVD-2026-44544

ColdFusion is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.6CVSS6.5AI score
Exploits0References1
EUVD
EUVD
added yesterday2 views

EUVD-2026-44545

ColdFusion is affected by an Improper Control of Generation of Code 'Code Injection' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.6CVSS6.5AI score
Exploits0References1
EUVD
EUVD
added yesterday3 views

EUVD-2026-44542

ColdFusion is affected by a Missing Authentication for Critical Function vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.3CVSS6.5AI score
Exploits0References1
CISA KEV Catalog
CISA KEV Catalog
added 2026/07/07 12:0 a.m.27 views

Adobe ColdFusion Path Traversal Vulnerability

Adobe ColdFusion contains a path traversal vulnerability that could lead to arbitrary code execution in the context of the current user...

10CVSS7.9AI score0.28583EPSS
In wildExploits3
CVE
CVE
added 2026/07/06 4:13 p.m.193 views

CVE-2026-48316

CVE-2026-48316 affects Adobe ColdFusion versions 2025.9, 2023.20 and earlier and is an Improper Input Validation vulnerability that could enable arbitrary code execution in the current user context without user interaction. Remediation: update to ColdFusion 2023 Update 21 or ColdFusion 2025 Updat...

10CVSS7.9AI score0.01396EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/30 4:16 p.m.10 views

CVE-2026-48281

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS0.00855EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 3:8 p.m.35 views

CVE-2026-48286

Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization vulnerability (CWE-863) that could permit arbitrary code execution in the context of the current user. Exploitation does not require user interaction, and the impact is limited to the use...

10CVSS6.4AI score0.00712EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.19 views

PT-2026-53906

Name of the Vulnerable Software and Affected Versions Adobe Campaign Classic versions prior to 7.4.3 build 9396 Description An incorrect authorization issue exists that allows for arbitrary code execution in the context of the current user. This flaw does not require user interaction to be...

10CVSS7.5AI score0.00712EPSS
Exploits0References14
Cvelist
Cvelist
added 2026/06/09 8:1 p.m.44 views

CVE-2026-47919 Acrobat Reader | Use After Free (CWE-416)

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00257EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.26 views

PT-2026-48269

Name of the Vulnerable Software and Affected Versions ColdFusion versions 2023.19 and earlier ColdFusion versions 2025.8 and earlier Description An incorrect authorization flaw allows a high-privileged attacker to achieve arbitrary code execution in the context of the current user. This issue...

9.1CVSS6AI score0.07535EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.11 views

CVE-2026-34660

Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially...

9.3CVSS6.1AI score0.00436EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 7:16 p.m.13 views

CVE-2026-34660

Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially...

9.3CVSS0.00436EPSS
Exploits0References1
Adobe
Adobe
added 2026/05/12 12:0 a.m.34 views

APSB26-52 : Security update available for Adobe Substance 3D Designer

Adobe has released an update for Adobe Substance 3D Designer that addresses important vulnerabilities. Successful exploitation could lead to arbitrary file system read and arbitrary code execution in the context of the current user...

6.3AI score
Exploits0Affected Software1
NVD
NVD
added 2026/04/14 10:16 p.m.7 views

CVE-2026-27304

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...

9.3CVSS0.04047EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/14 9:53 p.m.5 views

CVE-2026-27304 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...

9.3CVSS6.3AI score0.04047EPSS
Exploits0References1
CVE
CVE
added 2026/04/14 9:53 p.m.17 views

CVE-2026-27306

CVE-2026-27306 affects ColdFusion versions 2023.18, 2025.6 and earlier due to improper input validation that can lead to arbitrary code execution in the context of the current user. Attacker requires elevated privileges, and exploitation requires a victim to open a malicious file. Overall risk is...

8.4CVSS6.3AI score0.00298EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder