Lucene search
K

20 matches found

EUVD
EUVD
added 2026/04/15 12:31 a.m.10 views

EUVD-2026-22762

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access unauthorized files or directories...

7.7CVSS5.8AI score0.08507EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/15 12:31 a.m.5 views

EUVD-2026-22730

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...

9.3CVSS6.3AI score0.04047EPSS
Exploits0References2
NVD
NVD
added 2026/04/14 10:16 p.m.3 views

CVE-2026-27308

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. A high-privileged attacker could exploit this vulnerability and exhaust system resources, reducing application speed. Exploitation o...

2.4CVSS0.02648EPSS
Exploits0References1
NVD
NVD
added 2026/04/14 10:16 p.m.6 views

CVE-2026-27304

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...

9.3CVSS0.04047EPSS
Exploits0References1
NVD
NVD
added 2026/04/14 10:16 p.m.4 views

CVE-2026-27306

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Attacker requires elevated privileges. Exploitation of this issue requires user interaction in that a victim...

8.4CVSS0.00298EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/14 9:53 p.m.2 views

CVE-2026-34619 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access unauthorized files or directories...

7.7CVSS6AI score0.08507EPSS
Exploits0References1
CVE
CVE
added 2026/04/14 9:53 p.m.51 views

CVE-2026-34619

The CVE-2026-34619 entry affects ColdFusion versions 2023.18, 2025.6 and earlier. It describes an Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability that could allow an attacker to access unauthorized files or directories outside intended restrictions. Expl...

7.7CVSS5.8AI score0.08507EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/14 9:53 p.m.18 views

CVE-2026-27308 ColdFusion | Uncontrolled Resource Consumption (CWE-400)

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. A high-privileged attacker could exploit this vulnerability and exhaust system resources, reducing application speed. Exploitation o...

2.4CVSS0.02648EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/14 9:53 p.m.16 views

CVE-2026-27282 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue requires us...

7.5CVSS0.00693EPSS
Exploits0References1
CVE
CVE
added 2026/04/14 9:53 p.m.33 views

CVE-2026-27282

CVE-2026-27282 affects ColdFusion versions 2023.18, 2025.6 and earlier. The issue is an Improper Input Validation vulnerability that can bypass security features, potentially allowing unauthorized access. Exploitation requires user interaction. The CVSS details indicate a high impact on integrity...

7.5CVSS5.8AI score0.00693EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/04/14 9:53 p.m.46 views

CVE-2026-27305

Affected product: ColdFusion 2023.18, 2025.6 and earlier. Issue: Improper limitation of a pathname to a restricted directory (path traversal) that could lead to arbitrary file system read. Exploitation does not require user interaction. Impact: confidentiality of data could be exposed (High). Ini...

8.6CVSS5.9AI score0.28962EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/14 9:53 p.m.5 views

CVE-2026-27282 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue requires us...

7.5CVSS6AI score0.00693EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/14 9:53 p.m.15 views

CVE-2026-27304 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...

9.3CVSS0.04047EPSS
Exploits0References1
CVE
CVE
added 2026/04/14 9:53 p.m.10 views

CVE-2026-27307

CVE-2026-27307 affects Adobe ColdFusion 2023.18, 2025.6 and earlier, with an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. The issue can be exploited by a high-privilege attacker without user interaction and has a low CVSS base score per the pro...

2.4CVSS5.8AI score0.02912EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/14 9:53 p.m.20 views

CVE-2026-27307 ColdFusion | Uncontrolled Resource Consumption (CWE-400)

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. A high-privileged attacker could exploit this vulnerability and exhaust system resources, reducing application speed. Exploitation o...

2.4CVSS0.02912EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.6 views

PT-2026-32919

ColdFusion | Improper Input Validation CWE-20 CVE: CVE-2026-27282 PT ID: PT-2026-32919 Vendor: Adobe Product: ColdFusion CVSS: 7.5 Credits: n/a Description: ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security...

7.5CVSS6AI score0.00693EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.7 views

PT-2026-32921

ColdFusion | Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' CWE-22 CVE: CVE-2026-27305 PT ID: PT-2026-32921 Vendor: Adobe Product: ColdFusion CVSS: 8.6 Credits: n/a Description: ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limitation of...

8.6CVSS6.1AI score0.28962EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.5 views

PT-2026-32920

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction...

9.3CVSS6.3AI score0.04047EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.10 views

Adobe ColdFusion 路径遍历漏洞

Adobe ColdFusion is a rapid application development platform provided by Adobe Inc. This platform includes an integrated development environment and a scripting language. The versions of Adobe ColdFusion from 2023.18 onwards, as well as those before 2025.6, have a path traversal vulnerability. Th...

8.6CVSS7.4AI score0.28962EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.4 views

PT-2026-32923

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. A high-privileged attacker could exploit this vulnerability and exhaust system resources, reducing application speed. Exploitation o...

2.4CVSS5.8AI score0.02912EPSS
Exploits0References3
Rows per page
Query Builder