SecurityWeek

Adobe Patches Nearly 140 Vulnerabilities

Adobe has released patches for 138 vulnerabilities in ColdFusion, Experience Manager, DNG SDK, Acrobat and Reader, and ...
Threat Post

Adobe Fixes Critical ColdFusion Flaw in Emergency Update

Attackers can leverage the critical Adobe ColdFusion flaw to launch arbitrary code execution attacks. In an unscheduled security update, Adobe is warning of a critical security flaw in its ColdFusion ...
Bleeping Computer

CISA warns of Adobe ColdFusion bug exploited as a zero-day

CISA has added a critical vulnerability impacting Adobe ColdFusion versions 2021 and 2018 to its catalog of security bugs exploited in the wild. This critical arbitrary code execution flaw ...
Bleeping Computer

Adobe fixes patch bypass for exploited ColdFusion CVE-2023-29298 flaw

Adobe released an emergency ColdFusion security update that fixes critical vulnerabilities, including a fix for a new zero-day exploited in attacks. As part of today’s out-of-band update, Adobe fixed ...
Threat Post

Adobe Unscheduled Update Fixes Critical ColdFusion Flaws

Overall, Adobe released three patches – one for an “important” flaw and two for critical flaws –in the 2016 and 2018 versions of ColdFusion. Adobe has issued an unscheduled security update that fixes ...
ZDNet

Adobe ColdFusion servers under attack from APT group

A nation-state cyber-espionage group is actively hacking into Adobe ColdFusion servers and planting backdoors for future operations, Volexity researchers have told ZDNet. The attacks have been taking ...
Ars Technica

ColdFusion hack used to steal hosting provider’s customer data

A vulnerability in the ColdFusion Web server platform, reported by Adobe less than a week ago, has apparently been in the wild for almost a month and has allowed the hacking of at least one company ...