Vulnerabilities > Adobe > Coldfusion > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-27 | CVE-2019-8074 | Path Traversal vulnerability in Adobe Coldfusion 2016/2018 ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 and earlier have a Path Traversal vulnerability. | 9.8 |
2019-06-12 | CVE-2019-7838 | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Coldfusion 11.0/2016/2018 ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a file extension blacklist bypass vulnerability. | 9.8 |
2019-06-12 | CVE-2019-7839 | Command Injection vulnerability in Adobe Coldfusion 11.0/2016/2018 ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a command injection vulnerability. | 9.8 |
2019-06-12 | CVE-2019-7840 | Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018 ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a deserialization of untrusted data vulnerability. | 9.8 |
2019-05-24 | CVE-2019-7091 | Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018 ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a deserialization of untrusted data vulnerability. | 9.8 |
2019-05-24 | CVE-2019-7816 | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Coldfusion 11.0/2016/2018 ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier have a file upload restriction bypass vulnerability. | 9.8 |
2018-09-25 | CVE-2018-15957 | Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018 Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. | 9.8 |
2018-09-25 | CVE-2018-15958 | Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018 Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. | 9.8 |
2018-09-25 | CVE-2018-15959 | Deserialization of Untrusted Data vulnerability in Adobe Coldfusion 11.0/2016/2018 Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. | 9.8 |
2018-09-25 | CVE-2018-15961 | Unrestricted Upload of File with Dangerous Type vulnerability in Adobe Coldfusion 11.0/2016/2018 Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. | 9.8 |