Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

ColdFusion — Vulnerabilities & Security Advisories 117

All 117 CVE vulnerabilities found in ColdFusion, with AI-generated Chinese analysis, references, and POCs.

Vendor: Adobe

CVE IDTitleCVSSSeverityPaused
CVE-2024-34113 ColdFusion | Weak Cryptography for Passwords (CWE-261) CWE-261 5.5 Medium2024-06-13
CVE-2024-20767 ColdFusion | Improper Access Control (CWE-284) CWE-284 7.4 High2024-03-18
CVE-2023-44351 Adobe ColdFusion RCE Security Vulnerability CWE-502 9.8 Critical2023-11-17
CVE-2023-44355 ColdFusion | Improper Input Validation (CWE-20) CWE-20 4.3 Medium2023-11-17
CVE-2023-26347 CVE-2023-38205 issues | ColdFusion Admin Panel Access CWE-284 7.5 High2023-11-17
CVE-2023-44352 Unauthenticate Reflected XSS on Adobe Coldfusion 2018 - 2021 - 2023 last version CWE-79 6.1 Medium2023-11-17
CVE-2023-44353 ColdFusion WDDX Deserialization Gadgets CWE-502 9.8 Critical2023-11-17
CVE-2023-44350 ColdFusion | Deserialization of Untrusted Data (CWE-502) CWE-502 9.8 Critical2023-11-17
CVE-2023-38204 Bypass APSB23-41 (CVE-2023-38203) - Pre-Auth RCE ColdFusion 2021 Update 8 CWE-502 9.8 Critical2023-09-14
CVE-2023-38205 ColdFusion Bypass - Vulnerability disclosure in ColdFusion | BYPASS CVE-2023-29298 CWE-284 7.5 High2023-09-14
CVE-2023-38206 ColdFusion | Improper Access Control (CWE-284) CWE-284 5.3 Medium2023-09-14
CVE-2021-40699 ColdFusion CFIDE Improper Access Control Leads To Privilege Escalation CWE-284 7.4 High2023-09-07
CVE-2021-40698 ColdFusion Use of Inherently Dangerous Function Leads To Security feature bypass   CWE-242 7.4 High2023-09-07
CVE-2023-38203 Analysis CVE-2023-29300 Bypass: Adobe ColdFusion Pre-Auth RCE CWE-502 9.8 Critical2023-07-20
CVE-2023-29300 Adobe ColdFusion Deserialization of Untrusted Data Arbitrary code execution CWE-502 9.8 Critical2023-07-12
CVE-2023-29301 Adobe ColdFusion Improper Restriction of Excessive Authentication Attempts Security feature bypass CWE-307 7.5 High2023-07-12
CVE-2023-29298 Adobe ColdFusion Improper Access Control Security feature bypass CWE-284 7.5 High2023-07-12
CVE-2023-26359 Adobe ColdFusion Deserialization of Untrusted Data Arbitrary code execution CWE-502 9.8 Critical2023-03-23
CVE-2023-26360 Adobe ColdFusion Improper Access Control Arbitrary code execution CWE-284 8.6 High2023-03-23
CVE-2023-26361 Adobe ColdFusion Directory Traversal Arbitrary file system read Vulnerability CWE-22 4.9 Medium2023-03-23
CVE-2022-38424 Adobe ColdFusion Application Server Directory Traversal Arbitrary file system write CWE-22 7.2 High2022-10-14
CVE-2022-42340 Adobe ColdFusion Improper Input Validation Arbitrary file system read CWE-20 7.5 High2022-10-14
CVE-2022-42341 Adobe ColdFusion Improper Restriction of XML External Entity Reference Arbitrary file system read CWE-611 7.5 High2022-10-14
CVE-2022-38419 Adobe ColdFusion Solr Service XML External Entity Processing Arbitrary file system read CWE-611 7.5 High2022-10-14
CVE-2022-38421 Adobe ColdFusion Application Server Directory Traversal Remote Code Execution Vulnerability CWE-22 7.2 High2022-10-14
CVE-2022-38422 Adobe ColdFusion Application Server Directory Traversal Information Disclosure Vulnerability CWE-22 7.5 High2022-10-14
CVE-2022-38423 Adobe ColdFusion Application Server Directory Traversal Information Disclosure Vulnerability CWE-22 4.9 Medium2022-10-14
CVE-2022-35690 Adobe ColdFusion ODBC Agent Stack-based Buffer Overflow Remote Code Execution Vulnerability CWE-121 9.8 Critical2022-10-14
CVE-2022-35711 Adobe ColdFusion ODBC Server Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122 9.8 Critical2022-10-14
CVE-2022-35712 Adobe ColdFusion ODBC Agent Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122 9.8 Critical2022-10-14

All 117 known CVE vulnerabilities affecting ColdFusion with full Chinese analysis, references, and POCs where available.