CVE-2022-38421 ColdFusion versions Update 14 and earlier are affected by an 'Improper Limitation of a Pathname to a Restricted Directory' vulnerability that could allow arbitrary code execution.
Adobe released updates to address this issue in ColdFusion Update 14 and earlier, ColdFusion Update 4 and earlier, ColdFusion MX Update 14 and earlier, ColdFusion
CVE-2022-35711 ColdFusion versions Update 14 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could compromise the user's system.
When the server receives the crafted packet, it could cause a heap-based buffer overflow, due to incorrect validation of user-supplied data. An attacker can leverage
CVE-2022-38687 In messaging service, there is a missing permission check
You should be attentive to the following points when configuring permissions:
When setting up a new application or upgrading an existing application, make sure that
CVE-2022-2985 In music service, there is a missing permission check
The security issue can be demonstrated by the following example: An attacker has access to a music service instance and sends an email with a
CVE-2021-0699 An out of bounds write in HTBLogKM could lead to local escalation of privilege in the kernel.
This issue exists because of a bug in the implementation of the bounds check. It can be exploited after gaining access to a privileged process.
Episode
00:00:00
00:00:00