Allaire CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-1999-0922	1 Allaire	1 Coldfusion Server	2026-04-16	N/A
An example application in ColdFusion Server 4.0 allows remote attackers to view source code via the sourcewindow.cfm file.
CVE-1999-0923	1 Allaire	1 Coldfusion Server	2026-04-16	N/A
Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls.
CVE-2001-1120	1 Allaire	1 Coldfusion Server	2026-04-16	N/A
Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates.
CVE-2002-0576	1 Allaire	1 Coldfusion Server	2026-04-16	N/A
ColdFusion 5.0 and earlier on Windows systems allows remote attackers to determine the absolute pathname of .cfm or .dbm files via an HTTP request that contains an MS-DOS device name such as NUL, which leaks the pathname in an error message.

« first previous Page 2 of 2.