Page 10 of 230 results (0.009 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

The Web Server component of TIBCO Software Inc.'s TIBCO AuditSafe contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to execute API methods on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO AuditSafe: versions 1.1.0 and below. El componente Web Server de TIBCO Software Inc.' • https://www.tibco.com/services/support/advisories •

CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0

The Auth Server component of TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition contains an easily exploitable vulnerability that allows an unauthenticated attacker with local access to obtain administrative usernames and passwords for the affected system. Affected releases are TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition: versions 1.1.0 and below. El componente Auth Server de TIBCO Software Inc.' • https://www.tibco.com/services/support/advisories https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-february-15-2022-tibco-bcce-2021-43050 •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

The Database component of TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition contains an easily exploitable vulnerability that allows an unauthenticated attacker with network access to obtain the usernames and passwords of users of the affected system. Affected releases are TIBCO Software Inc.'s TIBCO BusinessConnect Container Edition: versions 1.1.0 and below. El componente de base de datos de TIBCO Software Inc.' • https://www.tibco.com/services/support/advisories https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-february-15-2022-tibco-bcce-2021-43049 •

CVSS: 9.0EPSS: 0%CPEs: 45EXPL: 0

The Web server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, TIBCO EBX Add-ons, TIBCO EBX Add-ons, TIBCO EBX Add-ons, and TIBCO Product and Service Catalog powered by TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.8.124 and below, TIBCO EBX: versions 5.9.3, 5.9.4, 5.9.5, 5.9.6, 5.9.7, 5.9.8, 5.9.9, 5.9.10, 5.9.11, 5.9.12, 5.9.13, 5.9.14, and 5.9.15, TIBCO EBX: versions 6.0.0, 6.0.1, 6.0.2, and 6.0.3, TIBCO EBX Add-ons: versions 3.20.18 and below, TIBCO EBX Add-ons: versions 4.1.0, 4.2.0, 4.2.1, 4.2.2, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.4.0, 4.4.1, 4.4.2, 4.4.3, 4.5.0, 4.5.1, 4.5.2, 4.5.3, 4.5.4, 4.5.5, and 4.5.6, TIBCO EBX Add-ons: versions 5.0.0, 5.0.1, 5.1.0, 5.1.1, and 5.2.0, and TIBCO Product and Service Catalog powered by TIBCO EBX: versions 1.1.0 and below. • https://www.tibco.com/services/support/advisories https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-january-19-2022-tibco-ebx-2022-22769 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.3EPSS: 0%CPEs: 4EXPL: 0

The Data Virtualization Server component of TIBCO Software Inc.'s TIBCO Data Virtualization, TIBCO Data Virtualization, TIBCO Data Virtualization, and TIBCO Data Virtualization for AWS Marketplace contains a difficult to exploit vulnerability that allows a low privileged attacker with local access to download arbitrary files outside of the scope of the user's permissions on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO Data Virtualization: versions 8.3.0 and below, TIBCO Data Virtualization: version 8.4.0, TIBCO Data Virtualization: version 8.5.0, and TIBCO Data Virtualization for AWS Marketplace: versions 8.5.0 and below. El componente Data Virtualization Server de TIBCO Software Inc.' • https://www.tibco.com/services/support/advisories https://www.tibco.com/support/advisories/2022/01/tibco-security-advisory-january-12-2022-tibco-data-virtualization-2021-35500 •