Vulnerabilities > Adobe > Coldfusion > 2023

DATE CVE VULNERABILITY TITLE RISK
2025-04-08 CVE-2025-24446 Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution.
local
low complexity
adobe
7.8
2025-04-08 CVE-2025-24447 Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe
7.8
2025-04-08 CVE-2025-30282 Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Authentication vulnerability that could result in arbitrary code execution in the context of the current user.
network
low complexity
adobe
8.8
2025-04-08 CVE-2025-30284 Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user.
network
low complexity
adobe
8.4
2025-04-08 CVE-2025-30285 Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user.
network
low complexity
adobe
8.4
2025-04-08 CVE-2025-30286 Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker.
network
low complexity
adobe
8.4
2025-04-08 CVE-2025-30287 Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Authentication vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe
8.2
2025-04-08 CVE-2025-30288 Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass.
local
low complexity
adobe
8.2
2025-04-08 CVE-2025-30289 Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker.
local
low complexity
adobe
8.2
2025-04-08 CVE-2025-30291 Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Information Exposure vulnerability that could result in a security feature bypass.
local
low complexity
adobe
5.5