Vulnerabilities > Adobe > Coldfusion > 11.0

DATE CVE VULNERABILITY TITLE RISK
2018-09-25 CVE-2018-15965 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability.
network
low complexity
adobe CWE-502
critical
 9.8
9.8
2018-09-25 CVE-2018-15964 Information Exposure vulnerability in Adobe Coldfusion 11.0/2016/2018
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a use of a component with a known vulnerability vulnerability.
network
low complexity
adobe CWE-200
7.5
7.5
2018-09-25 CVE-2018-15963 Unspecified vulnerability in Adobe Coldfusion 11.0/2016/2018
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a security bypass vulnerability.
network
low complexity
adobe
5.3
5.3
2018-09-25 CVE-2018-15962 Information Exposure vulnerability in Adobe Coldfusion 11.0/2016/2018
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a directory listing vulnerability.
network
low complexity
adobe CWE-200
5.3
5.3
2018-09-25 CVE-2018-15961 Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Coldfusion 11.0/2016/2018
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability.
network
low complexity
adobe CWE-434
critical
 9.8
9.8
2018-09-25 CVE-2018-15960 Improper Input Validation vulnerability in Adobe Coldfusion 11.0/2016/2018
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a use of a component with a known vulnerability vulnerability.
network
low complexity
adobe CWE-20
7.5
7.5
2018-09-25 CVE-2018-15959 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability.
network
low complexity
adobe CWE-502
critical
 9.8
9.8
2018-09-25 CVE-2018-15958 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability.
network
low complexity
adobe CWE-502
critical
 9.8
9.8
2018-09-25 CVE-2018-15957 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability.
network
low complexity
adobe CWE-502
critical
 9.8
9.8
2018-05-19 CVE-2018-4942 XXE vulnerability in Adobe Coldfusion 11.0/2016
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Unsafe XML External Entity Processing vulnerability.
network
low complexity
adobe CWE-611
7.5
7.5