Filtered by vendor Adobe
Subscriptions
Filtered by product Coldfusion
Subscriptions
Total
188 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-3467 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in an unspecified method in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2010-1293 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Administrator page in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-1294 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows local users to obtain sensitive information via unknown vectors. | ||||
| CVE-2011-0580 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the administrator console in Adobe ColdFusion 8.0 through 9.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-0581 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Multiple CRLF injection vulnerabilities in Adobe ColdFusion 8.0 through 9.0.1 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified tags. | ||||
| CVE-2011-0582 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Unspecified vulnerability in the administrator console in Adobe ColdFusion 8.0 through 9.0.1 allows attackers to obtain sensitive information via unknown vectors. | ||||
| CVE-2011-0583 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary web script or HTML via the cfform tag. | ||||
| CVE-2011-0584 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Session fixation vulnerability in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to hijack web sessions via unspecified vectors. | ||||
| CVE-2011-0629 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2011-0733 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header in an id=- query to a .cfm file. | ||||
| CVE-2011-2091 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 allows remote attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2011-4368 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Remote Development Services (RDS) in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-0770 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. | ||||
| CVE-2012-2048 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Unspecified vulnerability in Adobe ColdFusion 10 and earlier allows attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2012-5675 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Adobe ColdFusion 9.0 through 9.0.2, and 10, allows local users to bypass intended shared-hosting sandbox permissions via unspecified vectors. | ||||
| CVE-2013-1387 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 10, 9.0.1 before Update 9, 9.0.2 before Update 4, and 10 before Update 9 allows attackers to impersonate users via unknown vectors. | ||||
| CVE-2013-3336 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to read arbitrary files via unknown vectors. | ||||
| CVE-2013-3349 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Unspecified vulnerability in Adobe ColdFusion 9.0 through 9.0.2, when the JRun application server is used, allows remote attackers to cause a denial of service via unknown vectors. | ||||
| CVE-2013-3350 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Adobe ColdFusion 10 before Update 11 allows remote attackers to call ColdFusion Components (CFC) public methods via WebSockets. | ||||
| CVE-2013-5328 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Adobe ColdFusion 10 before Update 12 allows remote attackers to read arbitrary files via unspecified vectors. | ||||