65 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in Integration Matters nJAMS 3 before 3.2.0 Hotfix 7, as used in TIBCO BusinessWorks Process Monitor through 3.0.1.3 and other products, allows remote authenticated administrators to inject arbitrary web script or HTML via the users management panel of the w...
CVE-2017-16789
Cross-site scripting XSS vulnerability in Integration Matters nJAMS 3 before 3.2.0 Hotfix 7, as used in TIBCO BusinessWorks Process Monitor through 3.0.1.3 and other products, allows remote authenticated administrators to inject arbitrary web script or HTML via the users management panel of the w...
CVE-2017-16789
Cross-site scripting XSS vulnerability in Integration Matters nJAMS 3 before 3.2.0 Hotfix 7, as used in TIBCO BusinessWorks Process Monitor through 3.0.1.3 and other products, allows remote authenticated administrators to inject arbitrary web script or HTML via the users management panel of the w...
CVE-2017-16789
CVE-2017-16789 affects Integration Matters nJAMS 3 prior to 3.2.0 Hotfix 7, as used in TIBCO BusinessWorks Process Monitor up to version 3.0.1.3 and other products. It is a cross-site scripting (XSS) vulnerability that lets remote authenticated administrators inject arbitrary web script or HTML v...
macOS Fruitfly Backdoor Analysis Renders New Spying Capabilities
LAS VEGAS—The FruitFly backdoor became a known entity in January, but it’s a good bet that for years it had been in the wild, undetected by analysts and security software. The macOS and OS X malware has a number of insidious spying capabilities that would make anyone uneasy, and a variant recentl...
HP Business Process Monitor Remote Command Execution Vulnerability
HP Business Process Monitor is a suite of application monitoring software for monitoring business processes from Hewlett Packard Enterprise HPE. A remote code execution vulnerability exists in HPE Business Process Monitor. A remote attacker could exploit this vulnerability to execute arbitrary co...
Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation
Privacyware Privatefirewall 7.0 Unquoted Service Path Privilege Escalation Vendor: PWI, Inc. Product web page: http://www.privacyware.com Affected version: 7.0.30.3 Summary: Privatefirewall multi-layered endpoint security software protects 32 and 64 bit Windows desktops and servers from malware a...
Privacyware Privatefirewall 7.0 Privilege Escalation
Privacyware Privatefirewall 7.0 Unquoted Service Path Privilege Escalation Vendor: PWI, Inc. Product web page: http://www.privacyware.com Affected version: 7.0.30.3 Summary: Privatefirewall multi-layered endpoint security software protects 32 and 64 bit Windows desktops and servers from malware a...
[security bulletin] HPSBMU03044 rev.1 - HP Business Process Monitor, running OpenSSL, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04307186 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04307186 Version: 1 HPSBMU03044 rev....
HP Business Process Monitor tp_bpm_admin.exe Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Business Process Monitor. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of requests to the tpbpmadmin.exe server which listens by default...
CVE-2013-4804
Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors...
CVE-2013-2366
Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors, aka ZDI-CAN-1802...
Code injection
Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors, aka ZDI-CAN-1802...
Code injection
Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors...
CVE-2013-4804
HP Business Process Monitor (BPM) vulnerable to remote code execution and information disclosure as described for CVE-2013-4804. Affected software versions on Windows are BPM 9.13.1 patch 1 and BPM 9.22 patch 1. The root cause is not explicitly detailed in the description, but the HP Security Bul...
CVE-2013-4804
Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors...
CVE-2013-2366
Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors, aka ZDI-CAN-1802...
CVE-2013-2366
HP BPM vulnerability CVE-2013-2366 affects HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1. The root cause is a flaw in the tp_bpm_admin.exe server (listens on TCP port 2696) that allows remote code execution via a directory traversal in file upload handling. Exploitation is unauthent...
[security bulletin] HPSBMU02901 rev.1 - HP Business Process Monitor running on Windows, Remote Execution of Arbitrary Code and Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03844594 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03844594 Version: 1 HPSBMU02901 rev....
HP Business Process Monitor security vulnerabilities
Information leak, code execution...