Lucene search
+L

301 matches found

UbuntuCve
UbuntuCve
added 2022/12/13 7:15 p.m.25 views

CVE-2022-41562

The HTML escaping component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS...

8.4CVSS7.3AI score0.00718EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2022/12/13 7:15 p.m.26 views

CVE-2022-41561

The JNDI Data Sources component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS...

9.1CVSS7.2AI score0.01444EPSS
Exploits0References3
CVE
CVE
added 2022/12/12 1:49 a.m.67 views

CVE-2022-41560

The CVE-2022-41560 issue affects TIBCO Nimbus 10.5.0, specifically the Statement Set Upload via the Web Client. The vulnerability allows a low-privileged attacker with network access to cause a Denial of Service (hang/crash). The advisory indicates remediation by upgrading to Nimbus 10.5.1 or lat...

6.5CVSS6.5AI score0.00605EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2022/12/06 7:15 p.m.16 views

CVE-2022-41559

The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to exploit an open redirect on the affected system. A successful attack using this vulnerability requires human interaction from ...

9.3CVSS0.00657EPSS
Exploits0References1
Prion
Prion
added 2022/12/06 7:15 p.m.16 views

Design/Logic Flaw

The Statement Set Upload via the Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a Denial of Service Attack on the affected system. Affected releases are TIBCO Software...

4CVSS6.4AI score0.00605EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/12/06 7:15 p.m.14 views

Open redirect

The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to exploit an open redirect on the affected system. A successful attack using this vulnerability requires human interaction from ...

5.8CVSS8.8AI score0.00657EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/11/15 7:15 p.m.20 views

Cross site scripting

The Visualizations component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analyst, TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Desktop, TIBCO Spotfire Desktop, TIBCO Spotfire Desktop, TIBCO Spotfire Server, TIBCO Spotfire Server...

4.9CVSS5.2AI score0.00499EPSS
Exploits0References2Affected Software4
NVD
NVD
added 2022/09/21 6:15 p.m.26 views

CVE-2022-30578

The Web Server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting XSS on the affected system. A successful attack using this vulnerability requires human...

9CVSS0.00843EPSS
Exploits0References3
NVD
NVD
added 2022/09/21 6:15 p.m.20 views

CVE-2022-30577

The Web Server component of TIBCO Software Inc.'s TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting XSS on the affected system. A successful attack using this vulnerability requires human...

9CVSS0.00712EPSS
Exploits0References2
Prion
Prion
added 2022/09/21 6:15 p.m.17 views

Cross site scripting

The Web Server component of TIBCO Software Inc.'s TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting XSS on the affected system. A successful attack using this vulnerability requires human...

6CVSS8AI score0.00712EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/09/21 6:15 p.m.21 views

Cross site scripting

The Web Server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting XSS on the affected system. A successful attack using this vulnerability requires human...

6CVSS8AI score0.00843EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2022/09/21 5:55 p.m.70 views

CVE-2022-30578

The CVE-2022-30578 vulnerability affects the Web Server component of TIBCO EBX Add-ons, with versions 5.4.1 and earlier being vulnerable. The issue enables a stored XSS condition that an attacker with network access and low privileges can trigger, requiring user interaction for exploitation. A fi...

9CVSS8AI score0.00843EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2022/09/20 7:15 p.m.18 views

CVE-2022-30579

The Web Player component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a difficult to exploit vulnerability that allows a low privileged attacker with network access to execute blind Server Side Request Forgery SSRF on the affect...

8.4CVSS0.00481EPSS
Exploits0References2
Prion
Prion
added 2022/09/20 7:15 p.m.33 views

Server side request forgery (ssrf)

The Web Player component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a difficult to exploit vulnerability that allows a low privileged attacker with network access to execute blind Server Side Request Forgery SSRF on the affect...

4.6CVSS8.1AI score0.00481EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2022/09/20 6:55 p.m.87 views

CVE-2022-30579

The CVE-2022-30579 affects TIBCO Spotfire: Web Player component in Spotfire Analytics Platform for AWS Marketplace and Spotfire Server (both v12.0.0). A low-privilege, network-connected attacker can trigger a blind Server-Side Request Forgery (SSRF) on the affected system. The vulnerability is de...

8.4CVSS7.7AI score0.00481EPSS
Exploits0References2Affected Software2
Tibco
Tibco
added 2022/09/15 12:2 a.m.26 views

TIBCO Security Advisory: September 21, 2022 - TIBCO EBX -CVE-2022-30577

TIBCO EBX Stored XSS vulnerability Original release date: September 21, 2022 Lastrevised: --- CVE-2022-30577 Source: TIBCOSoftware Inc. Products Affected TIBCO EBX versions 6.0.0 through 6.0.8 The following component is affected: Web Server Description The component listed above contains an easil...

6CVSS5.8AI score0.00712EPSS
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2022/09/13 12:0 a.m.239 views

TIBCO JasperReports Server 8.0.2 Community Edition Code Execution

Advisory ID: SYSS-2022-041 Product: JasperReports Server Manufacturer: TIBCO Software Inc. Tested Versions: 8.0.2 Community Edition Vulnerability Type: CWE-502: Deserialization of Untrusted Data Risk Level: High Solution Status: Fixed Manufacturer Notification: 2022-06-10 Solution Date: 2022-08-1...

0.1AI score
Exploits0
Prion
Prion
added 2022/08/16 6:15 p.m.19 views

Cross site scripting

The Web Console component of TIBCO Software Inc.'s TIBCO Data Science - Workbench, TIBCO Statistica, TIBCO Statistica - Estore Edition, and TIBCO Statistica Trial contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site...

4.9CVSS5.2AI score0.00443EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2022/08/16 5:55 p.m.66 views

CVE-2022-30576

The CVE-2022-30576 affects TIBCO Data Science - Workbench, TIBCO Statistica, TIBCO Statistica - Estore Edition, and TIBCO Statistica Trial, specifically the Web Console component. The root cause is a stored Cross Site Scripting (XSS) vulnerability that an attacker with network access and low priv...

8.7CVSS5.6AI score0.00443EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2022/08/09 5:20 p.m.27 views

CVE-2022-30573 TIBCO FTL Privilege Escalation

The ftlserver component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, TIBCO FTL - Enterprise Edition, and TIBCO FTL - Enterprise Edition contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a...

6.7CVSS9AI score0.00663EPSS
Exploits0References2
Rows per page
Query Builder