Vulnerabilities > Adobe > Coldfusion
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-25 | CVE-2018-15959 | Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018 Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. | 9.8 |
| 2018-09-25 | CVE-2018-15958 | Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018 Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. | 9.8 |
| 2018-09-25 | CVE-2018-15957 | Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018 Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. | 9.8 |
| 2018-05-19 | CVE-2018-4942 | XXE vulnerability in Adobe Coldfusion 11.0/2016 Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Unsafe XML External Entity Processing vulnerability. | 7.5 |
| 2018-05-19 | CVE-2018-4941 | Cross-site Scripting vulnerability in Adobe Coldfusion 11.0/2016 Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Cross-Site Scripting vulnerability. | 6.1 |
| 2018-05-19 | CVE-2018-4940 | Cross-site Scripting vulnerability in Adobe Coldfusion 11.0/2016 Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Cross-Site Scripting vulnerability. | 6.1 |
| 2018-05-19 | CVE-2018-4939 | Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016 Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Deserialization of Untrusted Data vulnerability. | 9.8 |
| 2018-05-19 | CVE-2018-4938 | Uncontrolled Search Path Element vulnerability in Adobe Coldfusion 11.0/2016 Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Insecure Library Loading vulnerability. | 7.8 |
| 2017-12-01 | CVE-2017-11286 | XXE vulnerability in Adobe Coldfusion 11.0/2016 Adobe ColdFusion has an XML external entity (XXE) injection vulnerability. | 7.5 |
| 2017-12-01 | CVE-2017-11285 | Cross-site Scripting vulnerability in Adobe Coldfusion 11.0/2016 Adobe ColdFusion has a cross-site scripting (XSS) vulnerability. | 6.1 |