CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

163 matches found

Cvelist•added 2019/04/24 8:20 p.m.•21 views

CVE-2019-8991 TIBCO Active Matrix Service Grid Administrator With Multiple Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities

The administrator web interface of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Grid, TIBCO Silver Fabric Enabler for ActiveMatrix BPM, and...

8.8CVSS8.7AI score0.00949EPSS

Exploits0References3

CVE•added 2019/04/24 8:20 p.m.•57 views

CVE-2019-8995

CVE-2019-8995 affects TIBCO ActiveMatrix BPM and related products: Workspace, Openspace, and App Development clients up to versions 4.2.0 (and 1.4.1 for Silver Fabric Enabler). Root cause described as an open redirect where a malicious URL could cause a user to visit an attacker-controlled site. ...

6.1CVSS5.4AI score0.01137EPSS

Exploits0References3Affected Software2

Cvelist•added 2019/04/24 8:20 p.m.•23 views

CVE-2019-11203 TIBCO ActiveMatrix BPM Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities

The workspace client, openspace client, app development client, and REST API of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, and TIBCO Silver Fabric Enabler for ActiveMatrix BPM contain cross site scripting XSS and cross-site request...

8.8CVSS6.3AI score0.00686EPSS

Exploits0References3

CVE•added 2019/04/24 8:20 p.m.•58 views

CVE-2019-8992

The CVE-2019-8992 vulnerability affects the administrative server components across TIBCO ActiveMatrix BPM and related products. A user without privileges to upload distributed application archives (Upload DAA) could upload arbitrary code and, in some cases, execute it on ActiveMatrix Service Gri...

9.9CVSS8.9AI score0.02163EPSS

Exploits0References3Affected Software5

CVE•added 2019/04/24 8:20 p.m.•54 views

CVE-2019-8993

CVE-2019-8993 affects TIBCO ActiveMatrix BPM and related components. The administrative web server in these products could allow an unauthenticated user to download a file containing credentials information. Affected releases include: ActiveMatrix BPM up to 4.2.0; BPM Distribution for Silver Fabr...

9.8CVSS9.3AI score0.02531EPSS

Exploits0References3Affected Software5

Positive Technologies•added 2019/04/24 12:0 a.m.•5 views

PT-2019-19296 · Tibco · Tibco Silver Fabric Activematrix Service Grid Distribution +7

Name of the Vulnerable Software and Affected Versions: TIBCO ActiveMatrix BPM versions up to and including 4.2.0 TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric versions up to and including 4.2.0 TIBCO ActiveMatrix Policy Director versions up to and including 1.1.0 TIBCO ActiveMatrix...

9.8CVSS8.6AI score0.02531EPSS

Exploits0References4

Positive Technologies•added 2019/04/24 12:0 a.m.•4 views

PT-2019-19295 · Tibco Software · Tibco Silver Fabric Activematrix Service Grid Distribution +7

9.9CVSS9.5AI score0.02163EPSS

Exploits0References4

Positive Technologies•added 2019/04/24 12:0 a.m.•7 views

PT-2019-19298 · Tibco · Tibco Silver Fabric Enabler For Activematrix Bpm +2

Name of the Vulnerable Software and Affected Versions: TIBCO ActiveMatrix BPM versions up to and including 4.2.0 TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric versions up to and including 4.2.0 TIBCO Silver Fabric Enabler for ActiveMatrix BPM versions up to and including 1.4.1...

6.1CVSS4.9AI score0.01137EPSS

Exploits0References5

Tibco•added 2019/04/22 10:47 p.m.•17 views

TIBCO Security Advisory: April 24, 2019 - TIBCO Active MatrixService Grid -2019-8992

TIBCO Active Matrix Service Grid Administrator Remote Code Execution Original release date: April 24, 2019 Last revised: CVE-2019-8992 Source: TIBCOSoftware Inc. TIBCO Active Matrix Service Grid Administrator Remote Code Execution Original release date: April 24, 2019 Last revised: -- Source: TIB...

6.5CVSS8.1AI score0.02163EPSS

Exploits0Affected Software8

Tibco•added 2019/04/22 10:47 p.m.•23 views

TIBCO Security Advisory: April 24, 2019 - TIBCO Active MatrixService Grid -2019-8992

9.9CVSS9.3AI score0.02163EPSS

Exploits0Affected Software8

Tibco•added 2019/04/22 5:59 p.m.•19 views

TIBCO Security Advisory: April 24, 2019 - TIBCO BPM Enterprise -2019-11203

TIBCO BPM Enterprise Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities Original release date: April24, 2019 Last revised: CVE-2019-11203 Source: TIBCO Software Inc. TIBCO ActiveMatrix BPM Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities Original release date:...

8.8CVSS7.2AI score0.00686EPSS

Exploits0Affected Software3

Tibco•added 2019/04/22 5:34 p.m.•31 views

TIBCO Security Advisory: April 24, 2019 - TIBCO BPM Enterprise -2019-8995

TIBCO BPM Enterprise Open Redirect Vulnerability Original release date: April 24,2019 Last revised: CVE-2019-8995 Source: TIBCO Software Inc. TIBCO ActiveMatrix BPM Open Redirect Vulnerability Original release date: April 24, 2019 Last revised: -- Source: TIBCO Software Inc. Systems Affected TIBC...

5.8CVSS6.6AI score0.01137EPSS

Exploits0Affected Software3

Tibco•added 2019/04/22 5:34 p.m.•12 views

TIBCO Security Advisory: April 24, 2019 - TIBCO BPM Enterprise -2019-8995

6.1CVSS5.5AI score0.01137EPSS

Exploits0Affected Software3

Tibco•added 2019/04/22 4:48 p.m.•14 views

TIBCO Security Advisory: April 24, 2019 - TIBCO BPM Enterprise -2019-8994

TIBCO BPM Enterprise Escalation of Privileges Vulnerability Original release date:April 24, 2019 Last revised: CVE-2019-8994 Source: TIBCO Software Inc. TIBCO ActiveMatrix BPM Escalation of Privileges Vulnerability Original release date: April 24, 2019 Last revised: -- Source: TIBCO Software Inc...

4.9CVSS6.7AI score0.00797EPSS

Exploits0Affected Software3

Tibco•added 2019/04/22 4:48 p.m.•19 views

TIBCO Security Advisory: April 24, 2019 - TIBCO BPM Enterprise -2019-8994

5.4CVSS5.1AI score0.00797EPSS

Exploits0Affected Software3

NVD•added 2019/04/09 6:29 p.m.•32 views

CVE-2019-8990

The HTTP Connector component of TIBCO Software Inc.'s TIBCO ActiveMatrix BusinessWorks contains a vulnerability that theoretically allows unauthenticated HTTP requests to be processed by the BusinessWorks engine even when authentication is required. This possibility is restricted to circumstances...

9.1CVSS8.6AI score0.02889EPSS

Exploits0References3

Cvelist•added 2019/04/09 5:37 p.m.•78 views

CVE-2019-8990 TIBCO ActiveMatrix BusinessWorks Fails To Properly Enforce Authentication

9.1CVSS8.3AI score0.02889EPSS

Exploits0References3

CVE•added 2019/04/09 5:37 p.m.•49 views

CVE-2019-8990

The CVE-2019-8990 issue affects the HTTP Connector component of TIBCO ActiveMatrix BusinessWorks. It allows unauthenticated HTTP requests to be processed by the BusinessWorks engine when authentication is required, but only in configurations where HTTP Basic Authentication is used alongside an XM...

9.1CVSS8.3AI score0.02889EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2019/04/09 12:0 a.m.•9 views

PT-2019-19293 · Tibco · Tibco Activematrix Businessworks

Name of the Vulnerable Software and Affected Versions: TIBCO ActiveMatrix BusinessWorks versions up to and including 6.4.2 Description: The HTTP Connector component of TIBCO ActiveMatrix BusinessWorks contains an issue that allows unauthenticated HTTP requests to be processed by the BusinessWorks...

9.1CVSS9AI score0.02889EPSS

Exploits0References4

Prion•added 2019/03/07 10:29 p.m.•13 views

Directory traversal

The default server implementation of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for...

4CVSS6.4AI score0.79836EPSS

Exploits4References7Affected Software4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by