CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2025/09/19 2:15 p.m.•7 views

CVE-2025-58114

Improper Input Validation vulnerability in Hallo Welt! GmbH BlueSpice Extension:CognitiveProcessDesigner allows Cross-Site Scripting XSS.This issue affects BlueSpice: from 5 through 5.1.1...

5.9CVSS0.00038EPSS

OSV•added 2025/09/19 2:15 p.m.•0 views

CVE-2025-58114

Improper Input Validation vulnerability in Hallo Welt! GmbH BlueSpice Extension:CognitiveProcessDesigner allows Cross-Site Scripting XSS.This issue affects BlueSpice: from 5 through 5.1.1...

4.8CVSS5.8AI score

CVE•added 2025/09/19 1:10 p.m.•9 views

CVE-2025-58114

This CVE affects BlueSpice (Hallo Welt! GmbH) with the CognitiveProcessDesigner extension. The vulnerability is an improper input validation that enables Cross-Site Scripting (XSS) and affects BlueSpice versions 5 through 5.1.1. Documented details indicate the root cause is input validation in Ex...

5.9CVSS5.9AI score0.00038EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/09/19 1:10 p.m.•5 views

CVE-2025-58114 Potential XSS in Extension:CognitiveProcessDesigner

Improper Input Validation vulnerability in Hallo Welt! GmbH BlueSpice Extension:CognitiveProcessDesigner allows Cross-Site Scripting XSS.This issue affects BlueSpice: from 5 through 5.1.1...

5.9CVSS5.9AI score0.00038EPSS

Cvelist•added 2025/09/19 1:10 p.m.•7 views

CVE-2025-58114 Potential XSS in Extension:CognitiveProcessDesigner

Improper Input Validation vulnerability in Hallo Welt! GmbH BlueSpice Extension:CognitiveProcessDesigner allows Cross-Site Scripting XSS.This issue affects BlueSpice: from 5 through 5.1.1...

5.9CVSS0.00038EPSS

RedhatCVE•added 2025/09/02 5:40 a.m.•3 views

CVE-2025-9718

A security flaw has been discovered in O2OA up to 10.0-410. This affects an unknown part of the file /xprocessplatformassembledesigner/jaxrs/process of the component Personal Profile Page. Performing manipulation of the argument name/alias results in cross site scripting. Remote exploitation of t...

5.4CVSS3.9AI score0.00071EPSS

Exploits1References1

Vulnrichment•added 2025/08/31 5:32 a.m.•1 views

CVE-2025-9718 O2OA Personal Profile process cross site scripting

5.1CVSS5.4AI score0.00071EPSS

Exploits1References6

IBM Security Bulletins•added 2023/12/20 3:1 a.m.•23 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 8, which is used by the desktop version of IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow. IBM Process Designer has addressed the applicable CVEs. Vulnerability Details...

5.9CVSS6.3AI score0.00172EPSS

IBM Security Bulletins•added 2023/11/09 7:30 p.m.•38 views

Security Bulletin: Multiple vulnerabilities in Eclipse Jetty affect IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow

Summary There are multiple vulnerabilities in Eclipse Jetty, which is used by the desktop version of IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow. IBM Process Designer has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2023-40167 DESCRIPTION: Jetty is...

7.5CVSS7.3AI score0.04575EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2023/08/28 11:31 p.m.•40 views

Security Bulletin: A CVE-2023-21967 vulnerability in IBM Java Runtime affects IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow

Summary A vulnerability exists in IBM® Runtime Environment Java™ Versions 8, which is used by the desktop version of IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow. IBM Process Designer has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21967...

5.9CVSS6.6AI score0.0008EPSS

IBM Security Bulletins•added 2023/06/05 3:11 p.m.•32 views

Security Bulletin: Multiple vulnerabilities in VMware Tanzu Spring Framework affect IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow

Summary Multiple vulnerabilities exist in VMware Tanzu Spring Framework, which is used by the desktop version of IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow. IBM Process Designer has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-20861 DESCRIPTION...

6.5CVSS7.3AI score0.01183EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2023/05/31 9:21 p.m.•45 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affects IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow

5.3CVSS5.5AI score0.00135EPSS

IBM Security Bulletins•added 2023/05/17 10:40 p.m.•84 views

Security Bulletin: A CVE-2023-26049 vulnerability in Eclipse Jetty affects IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow

Summary A vulnerability exists in Eclipse Jetty, which is used by the desktop version of IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow. IBM Process Designer has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-26049 DESCRIPTION: Eclipse Jetty could all...

5.3CVSS4.6AI score0.00403EPSS

IBM Security Bulletins•added 2023/04/12 9:48 p.m.•41 views

Security Bulletin: A CVE-2021-28165 vulnerability in Eclipse Jetty affects IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow

7.8CVSS7.3AI score0.13581EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2023/01/20 9:34 p.m.•27 views

Security Bulletin: A CVE-2022-21626 vulnerability in IBM Java Runtime affects IBM Process Designer 8.5.7 shipped with IBM Business Automation Workflow

5.3CVSS5.2AI score0.00146EPSS

IBM Security Bulletins•added 2022/09/14 3:28 p.m.•70 views

Security Bulletin: A CVE-2021-37714 vulnerability in jsoup affects IBM Process Designer in IBM Business Automation Workflow and IBM Business Process Manager

Summary A vulnerabilitiy exists in jsoup used by the desktop version of IBM Process Designer. IBM Process Designer has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2021-37714 DESCRIPTION: jsoup is vulnerable to a denial of service, caused by improper input validation. By sending ...

7.2AI score0.04351EPSS

IBM Security Bulletins•added 2022/09/14 3:28 p.m.•25 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Process Designer in IBM Business Automation Workflow and IBM Business Process Manager

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 7, which is used by the desktop version of IBM Process Designer in both IBM Business Automation Workflow and IBM Business Process Manager. IBM Process Designer has addressed the applicable CVEs. Vulnerability...

5.6AI score0.00283EPSS

IBM Security Bulletins•added 2022/09/14 3:28 p.m.•66 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Process Designer in IBM Business Automation Workflow and IBM Business Process Manager

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions 8, which is used by the desktop version of IBM Process Designer in both IBM Business Automation Workflow and IBM Business Process Manager. IBM Process Designer has addressed the applicable CVEs. Vulnerability...

5.7AI score0.00136EPSS

IBM Security Bulletins•added 2022/09/14 3:28 p.m.•43 views

Security Bulletin: CVE-2019-4732 vulnerabilitiy in IBM Java Runtime affects IBM Process Designer used in IBM Business Automation Workflow and IBM Business Process Manager

Summary A vulnerabilitiy exists in IBM® Runtime Environment Java™ Versions 6 and 7 used by the desktop version of IBM Process Designer. IBM Process Designer has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2019-4732 DESCRIPTION: IBM SDK, Java Technology Edition Version could allo...

6.4AI score0.00164EPSS