CVSS: 8.0EPSS: 0%CPEs: 9EXPL: 0CVE-2021-28829 – TIBCO Administrator CSV injection vulnerability
https://notcve.org/view.php?id=CVE-2021-28829
20 Apr 2021 — The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition for z/Linux, and TIBCO Administrator - Enterprise Edition for z/Linux contains an easily exploitable vulnerability that allows a low privileged attacker with network acces... • http://www.tibco.com/services/support/advisories • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2021-28828 – TIBCO Administrator SQL injection vulnerability
https://notcve.org/view.php?id=CVE-2021-28828
20 Apr 2021 — The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition for z/Linux, and TIBCO Administrator - Enterprise Edition for z/Linux contains an easily exploitable vulnerability that allows a low privileged attacker with network acces... • http://www.tibco.com/services/support/advisories • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.6EPSS: 1%CPEs: 15EXPL: 0CVE-2021-28827 – TIBCO Administrator Stored Cross Site Scripting vulnerability
https://notcve.org/view.php?id=CVE-2021-28827
20 Apr 2021 — The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition Distribution for TIBCO Silver Fabric, TIBCO Administrator - Enterprise Edition for z/Linux, TIBCO Administrator - Enterprise Edition for z/Linux, TIBCO Runtime Agent, TIBCO Runtime Agent, TIBCO Runtime Agent for z/Linux, and TIBCO Runtime Agent for z... • http://www.tibco.com/services/support/advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 1CVE-2008-1403 – BootManage TFTP Server 1.99 - 'Filename' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-1403
20 Mar 2008 — Stack-based buffer overflow in the TFTP server in BootManage TFTPD 1.99 and earlier in BootManage Administrator 7.1 and earlier allows remote attackers to execute arbitrary code via a request with a long filename. Desbordamiento de búfer basado en pila en el servidor TFTP de BootManage TFTPD versión 1.99 y anteriores permite a atacantes remotos ejecutar código de su elección utilizando una petición con un nombre de fichero demasiado largo. • https://www.exploit-db.com/exploits/31409 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •