Vulnerabilities > Adobe > Coldfusion > 2023

DATE CVE VULNERABILITY TITLE RISK
2023-11-17 CVE-2023-26347 Improper Access Control vulnerability in Adobe Coldfusion
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass.
network
low complexity
adobe CWE-284
7.5
7.5
2023-11-17 CVE-2023-44350 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution.
network
low complexity
adobe CWE-502
critical
 9.8
9.8
2023-11-17 CVE-2023-44351 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution.
network
low complexity
adobe CWE-502
critical
 9.8
9.8
2023-11-17 CVE-2023-44352 Cross-site Scripting vulnerability in Adobe Coldfusion
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability.
network
low complexity
adobe CWE-79
6.1
6.1
2023-11-17 CVE-2023-44353 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution.
network
low complexity
adobe CWE-502
critical
 9.8
9.8
2023-11-17 CVE-2023-44355 Improper Input Validation vulnerability in Adobe Coldfusion
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass.
network
low complexity
adobe CWE-20
4.3
4.3
2023-09-14 CVE-2023-38204 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 2018/2021/2023
Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution.
network
low complexity
adobe CWE-502
critical
 9.8
9.8
2023-09-14 CVE-2023-38205 Unspecified vulnerability in Adobe Coldfusion 2018/2021/2023
Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass.
network
low complexity
adobe
7.5
7.5
2023-09-14 CVE-2023-38206 Unspecified vulnerability in Adobe Coldfusion 2018/2021/2023
Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass.
network
low complexity
adobe
5.3
5.3
2023-07-20 CVE-2023-38203 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 2018/2021/2023
Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier) and 2023u1 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution.
network
low complexity
adobe CWE-502
critical
 9.8
9.8