CVE-2022-38421 ColdFusion versions Update 14 and earlier are affected by an 'Improper Limitation of a Pathname to a Restricted Directory' vulnerability that could allow arbitrary code execution.
Adobe released updates to address this issue in ColdFusion Update 14 and earlier, ColdFusion Update 4 and earlier, ColdFusion MX Update 14 and earlier, ColdFusion
CVE-2022-38450 Adobe Reader versions 22.002.20212 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user.
An attacker could leverage social engineering to trick a user into opening malicious file or remotely via maliciously crafted email. In the scenario of receiving
CVE-2022-38420 ColdFusion versions Update 14, Update 4 are affected by a Use of Hard-coded Credentials vulnerability that could lead to application denial-of-service.
If a user trusts the application that receives the malformed data, access to the start/stop arbitrary service capability could be exploited. By sending an
CVE-2022-2985 In music service, there is a missing permission check
The security issue can be demonstrated by the following example: An attacker has access to a music service instance and sends an email with a
CVE-2022-38687 In messaging service, there is a missing permission check
You should be attentive to the following points when configuring permissions:
When setting up a new application or upgrading an existing application, make sure that
Episode
00:00:00
00:00:00