CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30288 – ColdFusion | Improper Access Control (CWE-284)
https://notcve.org/view.php?id=CVE-2025-30288
08 Apr 2025 — A low privileged attacker with local access could leverage this vulnerability to bypass security protections and execute code. Exploitation of this issue requires user interaction in that a victim must be coerced into performing actions within the application and scope is changed. • https://helpx.adobe.com/security/products/coldfusion/apsb25-15.html • CWE-284: Improper Access Control •
CVSS: 9.1EPSS: 1%CPEs: 1EXPL: 0CVE-2025-24446 – ColdFusion | Improper Input Validation (CWE-20)
https://notcve.org/view.php?id=CVE-2025-24446
08 Apr 2025 — ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution. ... ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/coldfusion/apsb25-15.html • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 0CVE-2025-24447 – ColdFusion | Deserialization of Untrusted Data (CWE-502)
https://notcve.org/view.php?id=CVE-2025-24447
08 Apr 2025 — ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user resulting in a High impact to Confidentiality and Integrity. • https://helpx.adobe.com/security/products/coldfusion/apsb25-15.html • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.4EPSS: 4%CPEs: 1EXPL: 0CVE-2025-30285 – ColdFusion | Deserialization of Untrusted Data (CWE-502)
https://notcve.org/view.php?id=CVE-2025-30285
08 Apr 2025 — ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability... • https://helpx.adobe.com/security/products/coldfusion/apsb25-15.html • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30286 – ColdFusion | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
https://notcve.org/view.php?id=CVE-2025-30286
08 Apr 2025 — ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by a... • https://helpx.adobe.com/security/products/coldfusion/apsb25-15.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30295 – Adobe Framemaker | Heap-based Buffer Overflow (CWE-122)
https://notcve.org/view.php?id=CVE-2025-30295
08 Apr 2025 — Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/framemaker/apsb25-33.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30297 – Adobe Framemaker | Out-of-bounds Write (CWE-787)
https://notcve.org/view.php?id=CVE-2025-30297
08 Apr 2025 — Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/framemaker/apsb25-33.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30304 – Adobe Framemaker | Out-of-bounds Write (CWE-787)
https://notcve.org/view.php?id=CVE-2025-30304
08 Apr 2025 — Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/framemaker/apsb25-33.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30299 – Adobe Framemaker | Heap-based Buffer Overflow (CWE-122)
https://notcve.org/view.php?id=CVE-2025-30299
08 Apr 2025 — Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/framemaker/apsb25-33.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30296 – Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (CWE-191)
https://notcve.org/view.php?id=CVE-2025-30296
08 Apr 2025 — Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/framemaker/apsb25-33.html • CWE-191: Integer Underflow (Wrap or Wraparound) •