Vulnerabilities > Adobe > Coldfusion > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-05-24 CVE-2019-7816 Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Coldfusion 11.0/2016/2018
ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier have a file upload restriction bypass vulnerability.
network
low complexity
adobe CWE-434
critical
9.8
2018-09-25 CVE-2018-15957 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability.
network
low complexity
adobe CWE-502
critical
9.8
2018-09-25 CVE-2018-15958 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability.
network
low complexity
adobe CWE-502
critical
9.8
2018-09-25 CVE-2018-15959 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability.
network
low complexity
adobe CWE-502
critical
9.8
2018-09-25 CVE-2018-15961 Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Coldfusion 11.0/2016/2018
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability.
network
low complexity
adobe CWE-434
critical
9.8
2018-09-25 CVE-2018-15965 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability.
network
low complexity
adobe CWE-502
critical
9.8
2018-05-19 CVE-2018-4939 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Deserialization of Untrusted Data vulnerability.
network
low complexity
adobe CWE-502
critical
9.8
2017-12-01 CVE-2017-11283 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability.
network
low complexity
adobe CWE-502
critical
9.8
2017-12-01 CVE-2017-11284 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability.
network
low complexity
adobe CWE-502
critical
9.8
2017-04-27 CVE-2017-3066 Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 10.0/11.0/2016
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeDS library.
network
low complexity
adobe CWE-502
critical
9.8