Vulnerabilities > Adobe > Coldfusion > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-13 | CVE-2024-45113 | Improper Authentication vulnerability in Adobe Coldfusion 2021/2023 ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. | 7.5 |
2024-03-18 | CVE-2024-20767 | Unspecified vulnerability in Adobe Coldfusion 2021/2023 ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary file system read. | 7.4 |
2023-09-07 | CVE-2021-40698 | Unspecified vulnerability in Adobe Coldfusion ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass??. | 7.4 |
2023-09-07 | CVE-2021-40699 | Unspecified vulnerability in Adobe Coldfusion ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an improper access control vulnerability when checking permissions in the CFIDE path. | 7.4 |
2023-07-12 | CVE-2023-29298 | Unspecified vulnerability in Adobe Coldfusion 2018/2021/2023 Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. | 7.5 |
2021-05-27 | CVE-2020-10145 | Incorrect Default Permissions vulnerability in Adobe Coldfusion 2016/2018/2021 The Adobe ColdFusion installer fails to set a secure access-control list (ACL) on the default installation directory, such as C:\ColdFusion2021\. | 7.8 |
2020-07-17 | CVE-2020-9673 | Untrusted Search Path vulnerability in Adobe Coldfusion 2016/2018 Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. | 7.8 |
2020-07-17 | CVE-2020-9672 | Untrusted Search Path vulnerability in Adobe Coldfusion 2016/2018 Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versions have a dll search-order hijacking vulnerability. | 7.8 |
2020-06-26 | CVE-2020-3768 | Untrusted Search Path vulnerability in Adobe Coldfusion 2016/2018 ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a dll search-order hijacking vulnerability. | 7.8 |
2020-03-25 | CVE-2020-3761 | Unspecified vulnerability in Adobe Coldfusion 2016/2018 ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a remote file read vulnerability. | 7.5 |