Two vulnerabilities in Adobe ColdFusion are exploited in real-world attacks, the Cybersecurity & Infrastructure Security Agency (CISA) warns. Both issues are related to the possibility of arbitrary code execution, caused by poor validation of deserialized data. Adobe released patches for both of these vulnerabilities back in mid-July 2023, when they were originally detected. ColdFusion ACE… Continue reading Two Adobe ColdFusion Vulnerabilities Exploited in The Wild
Tag: Adobe
Federal Agency Hacked With ColdFusion Vulnerability
A vulnerability in Adobe’s ColdFusion allowed hackers to breach two public-facing servers at a federal agency. The Cybersecurity and Infrastructure Security Agency (CISA) published a report explaining the way it happened. ColdFusion Vulnerability Exploited to Infiltrate Federal Agency Servers Recently, CISA has reported that Adobe’s ColdFusion – an application development tool, continues to pose a… Continue reading Federal Agency Hacked With ColdFusion Vulnerability
Citrix and Adobe Vulnerabilities Under Active Exploitation
Citrix was able to patch a zero-day vulnerability, while Adobe warns of attacks using ColdFusion Zero-Day and releases an urgent update that nearly fixes the issue. Nonetheless, the story is still not over, as these vulnerabilities are still exploited. Citrix and Adobe Patch 0-day Vulnerabilities Simultaneously, products of two companies were hit with critical vulnerabilities… Continue reading Citrix and Adobe Vulnerabilities Under Active Exploitation
Flash content will be blocked from January 12, 2021
Adobe released the latest Flash update this week and is even more persists in recommendations that users uninstall the app before end of support at the end of this year. Flash content will be blocked a little later. Let me remind you that earlier the developers have already warned that they will ask users to… Continue reading Flash content will be blocked from January 12, 2021
On July “Patch Tuesday”, only Microsoft fixed 123 vulnerabilities
As part of the July update Tuesday, Microsoft engineers fixed 123 vulnerabilities in 13 different products. Any of them was under attack. In July did not reach the record of June Tuesday only a little, when were fixed129 vulnerabilities. The most serious vulnerability fixed this time is the CVE-2020-1350 problem, also known as SigRed, found… Continue reading On July “Patch Tuesday”, only Microsoft fixed 123 vulnerabilities