Lucene search
K

159 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.10 views

CVE-2026-34284

Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware component: Human workflow 11g+. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

6.1CVSS7.3AI score0.00179EPSS
Exploits0References1
NVD
NVD
added 2026/04/21 9:16 p.m.10 views

CVE-2026-34284

Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware component: Human workflow 11g+. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

6.1CVSS0.00179EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.9 views

Oracle Business Process Management Suite (14.1.2.0.0) (January 2026 CPU)

The version of Oracle Business Process Management Suite installed on the remote host is affected by a vulnerability, as referenced in the January 2026 CPU advisory: - Vulnerability in the Oracle Business Process Management Suite product of Oracle Fusion Middleware component: Composer Apache Commo...

9.8CVSS7AI score0.79807EPSS
Exploits7References6
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.13 views

CVE-2025-67278

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via a crafted HTTP request...

6.5CVSS7.3AI score0.00276EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.11 views

CVE-2025-67281

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple SQL injection vulnerabilities exists which allow a low privileged and administrative user to access the database and its content...

5.4CVSS8AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.15 views

CVE-2025-67282

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Authorization Bypass vulnerabilities exists which allow a low privileged user to download password hashes of other user, access work items of other user, modify restricted content in workflows, modify the applications logo and manipulate the profi...

5.4CVSS7AI score0.00195EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.12 views

CVE-2025-67279

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via the application stores password hashes in MD5 format...

5.3CVSS7.5AI score0.00311EPSS
Exploits0References1
NVD
NVD
added 2026/01/09 4:16 p.m.9 views

CVE-2025-67279

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via the application stores password hashes in MD5 format...

5.3CVSS0.00311EPSS
Exploits0References2
NVD
NVD
added 2026/01/09 4:16 p.m.11 views

CVE-2025-67280

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Hibernate Query Language injection vulnerabilities exist which allow a low privileged user to extract passwords of other users and access sensitive data of another user...

5.4CVSS0.00195EPSS
Exploits0References2
NVD
NVD
added 2026/01/09 4:16 p.m.5 views

CVE-2025-67281

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple SQL injection vulnerabilities exists which allow a low privileged and administrative user to access the database and its content...

5.4CVSS0.00192EPSS
Exploits0References2
NVD
NVD
added 2026/01/09 4:16 p.m.7 views

CVE-2025-67282

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Authorization Bypass vulnerabilities exists which allow a low privileged user to download password hashes of other user, access work items of other user, modify restricted content in workflows, modify the applications logo and manipulate the profi...

5.4CVSS0.00195EPSS
Exploits0References2
OSV
OSV
added 2026/01/09 4:16 p.m.6 views

CVE-2025-67280

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Hibernate Query Language injection vulnerabilities exist which allow a low privileged user to extract passwords of other users and access sensitive data of another user...

5.4CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/01/09 4:16 p.m.6 views

CVE-2025-67281

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple SQL injection vulnerabilities exists which allow a low privileged and administrative user to access the database and its content...

5.4CVSS5.8AI score0.00192EPSS
Exploits0References2
OSV
OSV
added 2026/01/09 4:16 p.m.5 views

CVE-2025-67278

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via a crafted HTTP request...

6.5CVSS5.9AI score0.00276EPSS
Exploits0References2
OSV
OSV
added 2026/01/09 4:16 p.m.5 views

CVE-2025-67279

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via the application stores password hashes in MD5 format...

5.3CVSS5.9AI score0.00311EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.4 views

PT-2026-1874

Name of the Vulnerable Software and Affected Versions TIM BPM Suite & TIM FLOW versions prior to 9.1.2 Description An issue in TIM BPM Suite & TIM FLOW allows a remote attacker to escalate privileges via a crafted HTTP request. Recommendations Update to version 9.1.2 or later...

6.5CVSS7AI score0.00276EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/01/09 12:0 a.m.23 views

CVE-2025-67278

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via a crafted HTTP request...

0.00276EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/09 12:0 a.m.22 views

CVE-2025-67281

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple SQL injection vulnerabilities exists which allow a low privileged and administrative user to access the database and its content...

0.00192EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/09 12:0 a.m.24 views

CVE-2025-67279

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via the application stores password hashes in MD5 format...

0.00311EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/09 12:0 a.m.4 views

CVE-2025-67279

An issue in TIM Solution GmbH TIM BPM Suite & TIM FLOW before v.9.1.2 allows a remote attacker to escalate privileges via the application stores password hashes in MD5 format...

7.1AI score0.00311EPSS
Exploits0References2
Rows per page
Query Builder