Page 10 of 149 results (0.009 seconds)

CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0

Adobe ColdFusion has an XML external entity (XXE) injection vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. Adobe ColdFusion tiene una vulnerabilidad de inyección de XEE (XML External Entity). Esto afecta al Update 4 y a versiones anteriores para ColdFusion 2016 y al Update 12 y versiones anteriores para ColdFusion 11. • http://www.securityfocus.com/bid/100715 http://www.securitytracker.com/id/1039321 https://helpx.adobe.com/security/products/coldfusion/apsb17-30.html • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 9.8EPSS: 51%CPEs: 18EXPL: 0

Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. Adobe ColdFusion tiene una vulnerabilidad de deserialización de datos no fiables. Esto afecta al Update 4 y a versiones anteriores para ColdFusion 2016 y al Update 12 y versiones anteriores para ColdFusion 11. • http://www.securityfocus.com/bid/100708 http://www.securitytracker.com/id/1039321 https://helpx.adobe.com/security/products/coldfusion/apsb17-30.html • CWE-502: Deserialization of Untrusted Data •

CVSS: 9.8EPSS: 51%CPEs: 18EXPL: 0

Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. Adobe ColdFusion tiene una vulnerabilidad de deserialización de datos no fiables. Esto afecta al Update 4 y a versiones anteriores para ColdFusion 2016 y al Update 12 y versiones anteriores para ColdFusion 11. • http://www.securityfocus.com/bid/100708 http://www.securitytracker.com/id/1039321 https://helpx.adobe.com/security/products/coldfusion/apsb17-30.html • CWE-502: Deserialization of Untrusted Data •

CVSS: 6.1EPSS: 0%CPEs: 18EXPL: 0

Adobe ColdFusion has a cross-site scripting (XSS) vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. Adobe ColdFusion tiene una vulnerabilidad de Cross-Site Scripting (XSS). Esto afecta al Update 4 y a versiones anteriores para ColdFusion 2016 y al Update 12 y versiones anteriores para ColdFusion 11. • http://www.securityfocus.com/bid/100711 http://www.securitytracker.com/id/1039321 https://helpx.adobe.com/security/products/coldfusion/apsb17-30.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 39EXPL: 0

Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a reflected cross-site scripting vulnerability. Adobe ColdFusion 2016 Update 3 y anteriores, ColdFusion 11 update 11 y anteriores, ColdFusion 10 Update 22 y versiones anteriores tienen una vulnerabilidad de cross-site scripting. • http://www.securityfocus.com/bid/98002 http://www.securitytracker.com/id/1038364 https://helpx.adobe.com/security/products/coldfusion/apsb17-14.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •