CVE-2023-38204 : Adobe ColdFusion Deserialization

Description

Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.

References

https://helpx.adobe.com/security/products/coldfusion/apsb23-47.html

For More Information

CVERecord

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-39565 : JUNIPER NETWORKS JUNOS OS UP TO 23.4R1-S1J-WEB XPATH INJECTION

CVE-2024-39565 : JUNIPER NETWORKS JUNOS OS UP TO 23.4R1-S1J-WEB XPATH INJECTION

Description An Improper Neutralization of Data within XPath Expressions (‘XPath Injection’) vulnerability in J-Web shipped with Juniper Networks Junos OS

CVE-2024-6624 : JSON API USER PLUGIN UP TO 3.9.3 ON WORDPRESS REMOTE CODE EXECUTION

CVE-2024-6624 : JSON API USER PLUGIN UP TO 3.9.3 ON WORDPRESS REMOTE CODE EXECUTION

Description The JSON API User plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including,

CVE-2024-37310 : EVEREST CORE PRIOR 2024.3.1/2024.6.0 V2G_SERVER.CPP V2G_INCOMING_V2GTP HEAP-BASED OVERFLOW

CVE-2024-37310 : EVEREST CORE PRIOR 2024.3.1/2024.6.0 V2G_SERVER.CPP V2G_INCOMING_V2GTP HEAP-BASED OVERFLOW

Description EVerest is an EV charging software stack. An integer overflow in the “v2g_incoming_v2gtp” function in the v2g_server.cpp implementation can