Vulnerabilities > Adobe > Coldfusion > 2018.0.0.310739

DATE CVE VULNERABILITY TITLE RISK
2023-11-17 CVE-2023-26347 Improper Access Control vulnerability in Adobe Coldfusion
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass.
network
low complexity
adobe CWE-284
7.5
7.5
2023-11-17 CVE-2023-44350 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution.
network
low complexity
adobe CWE-502
critical
 9.8
9.8
2023-11-17 CVE-2023-44351 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution.
network
low complexity
adobe CWE-502
critical
 9.8
9.8
2023-11-17 CVE-2023-44352 Cross-site Scripting vulnerability in Adobe Coldfusion
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
6.1
6.1
2023-11-17 CVE-2023-44353 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution.
network
low complexity
adobe CWE-502
critical
 9.8
9.8
2023-11-17 CVE-2023-44355 Improper Input Validation vulnerability in Adobe Coldfusion
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass.
network
low complexity
adobe CWE-20
4.3
4.3