cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-20767,https://securityvulnerability.io/vulnerability/CVE-2024-20767,Adobe ColdFusion Vulnerable to Improper Access Control,"An improper access control vulnerability in Adobe ColdFusion versions 2023.6, 2021.12, and earlier allows attackers to perform arbitrary file system reads. This security flaw can be exploited without requiring user interaction, provided the admin panel is exposed to the internet. Attackers leveraging this vulnerability can access or modify restricted files, posing a significant risk to data integrity and confidentiality.",Adobe,Coldfusion,7.4,HIGH,0.9653300046920776,true,2024-12-16T00:00:00.000Z,true,true,true,2024-03-27T16:31:41.000Z,true,true,false,,2024-03-18T11:43:28.473Z,3978
CVE-2024-34102,https://securityvulnerability.io/vulnerability/CVE-2024-34102,Adobe Commerce Vulnerable to Arbitrary Code Execution via XML External Entity Reference,"The vulnerability identified as CVE-2024-34102 affects Adobe Commerce and Magento Open Source, posing a serious security threat. The vulnerability allows attackers to read sensitive files containing passwords and execute remote code, potentially gaining full control over the affected e-commerce platform. This can lead to widespread attacks, with an estimated 75% of e-commerce websites being at risk. The slow adoption of software updates has been attributed to the introduction of security features such as Content Security Policy and Subresource Integrity in the new software versions, which can interfere with the normal operation of checkout processes. There is a warning that attackers may exploit this vulnerability in conjunction with another vulnerability, CVE-2024-2961, to cause significant harm. Despite a patch being released, there is still a risk of attackers accessing administrator APIs in environments where the iconv vulnerability has been patched.",Adobe,Adobe Commerce,9.8,CRITICAL,0.12695999443531036,true,2024-07-17T00:00:00.000Z,true,true,true,2024-06-29T18:42:48.000Z,true,false,false,,2024-06-13T09:04:56.093Z,0