Coldfusion Security Vulnerabilities and Issues — Coldfusion CVE List

Lucene search

AdobeColdfusion

14 matches found

CVE•added 2018/09/25 1:29 p.m.•1052 views

CVE-2018-15961

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.

10CVSS9.5AI score0.94422EPSS

CVE•added 2018/05/19 5:29 p.m.•924 views

CVE-2018-4939

Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Deserialization of Untrusted Data vulnerability. Successful exploitation could lead to arbitrary code execution.

10CVSS9.5AI score0.85528EPSS

CVE•added 2018/09/25 1:29 p.m.•58 views

CVE-2018-15957

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.

10CVSS9.6AI score0.6195EPSS

CVE•added 2018/05/19 5:29 p.m.•51 views

CVE-2018-4942

Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Unsafe XML External Entity Processing vulnerability. Successful exploitation could lead to information disclosure.

7.5CVSS8.1AI score0.00902EPSS

CVE•added 2018/05/19 5:29 p.m.•49 views

CVE-2018-4938

Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Insecure Library Loading vulnerability. Successful exploitation could lead to local privilege escalation.

7.8CVSS8.4AI score0.00195EPSS

CVE•added 2018/09/25 1:29 p.m.•47 views

CVE-2018-15962

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a directory listing vulnerability. Successful exploitation could lead to information disclosure.

5.3CVSS6.7AI score0.02392EPSS

CVE•added 2018/09/25 1:29 p.m.•46 views

CVE-2018-15959

10CVSS9.6AI score0.41632EPSS

CVE•added 2018/09/25 1:29 p.m.•46 views

CVE-2018-15964

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a use of a component with a known vulnerability vulnerability. Successful exploitation could lead to information disclosure.

7.5CVSS8AI score0.11331EPSS

CVE•added 2018/09/25 1:29 p.m.•45 views

CVE-2018-15965

10CVSS9.6AI score0.41632EPSS

CVE•added 2018/09/25 1:29 p.m.•44 views

CVE-2018-15963

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary folder creation.

5.3CVSS7.2AI score0.06624EPSS

CVE•added 2018/05/19 5:29 p.m.•43 views

CVE-2018-4940

Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Cross-Site Scripting vulnerability. Successful exploitation could lead to information disclosure.

6.1CVSS6.8AI score0.01145EPSS

CVE•added 2018/09/25 1:29 p.m.•42 views

CVE-2018-15958

10CVSS9.6AI score0.41632EPSS

CVE•added 2018/05/19 5:29 p.m.•42 views

CVE-2018-4941

6.1CVSS6.8AI score0.01145EPSS

CVE•added 2018/09/25 1:29 p.m.•41 views

CVE-2018-15960

7.5CVSS7.8AI score0.09043EPSS