Skip to main content
CVE-2018-15961 CRITICAL POC KEV THREAT Emergency

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Adobe RCE Coldfusion
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
100.0%
CVE-2018-15965 CRITICAL Act Now

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Deserialization RCE Coldfusion
NVD
CVSS 3.1
9.8
EPSS
25.9%
CVE-2018-15959 CRITICAL Act Now

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Deserialization RCE Coldfusion
NVD
CVSS 3.1
9.8
EPSS
25.9%
CVE-2018-15958 CRITICAL Act Now

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Deserialization RCE Coldfusion
NVD
CVSS 3.1
9.8
EPSS
25.9%
CVE-2018-15957 CRITICAL Act Now

Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Deserialization RCE Coldfusion
NVD
CVSS 3.1
9.8
EPSS
28.2%
CVE-2018-12848 CRITICAL Act Now

Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
34.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy