Filtered by vendor Tibco
Subscriptions
Total
226 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-4495 | 1 Tibco | 6 Activematrix Bpm, Activematrix Businessworks Service Engine, Activematrix Service Bus and 3 more | 2025-04-11 | N/A |
| Unspecified vulnerability in the ActiveMatrix Runtime component in TIBCO ActiveMatrix Service Grid 3.0.0, 3.0.1, and 3.1.0; ActiveMatrix Service Bus 3.0.0 and 3.0.1; ActiveMatrix BusinessWorks Service Engine 5.9.0; ActiveMatrix BPM 1.0.1 and 1.0.2; Silver BPM Service 1.0.1; and Silver CAP Service 1.0.0 allows remote authenticated users to execute arbitrary code via vectors related to JMX connections. | ||||
| CVE-2013-2373 | 1 Tibco | 1 Spotfire Web Player | 2025-04-11 | N/A |
| The Engine in TIBCO Spotfire Web Player 3.3.x before 3.3.3, 4.0.x before 4.0.3, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 does not properly implement access control, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors. | ||||
| CVE-2013-2372 | 1 Tibco | 1 Spotfire Web Player | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Engine in TIBCO Spotfire Web Player 3.3.x before 3.3.3, 4.0.x before 4.0.3, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-3491 | 1 Tibco | 4 Activematrix Businessworks Service Engine, Activematrix Service Bus, Activematrix Service Grid and 1 more | 2025-04-11 | N/A |
| The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator components in TIBCO ActiveMatrix Service Grid before 2.3.1, ActiveMatrix Service Bus before 2.3.1, ActiveMatrix BusinessWorks Service Engine before 5.8.1, and ActiveMatrix Service Performance Manager before 1.3.2 do not properly handle JMX connections, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service via unspecified vectors. | ||||
| CVE-2013-2371 | 1 Tibco | 1 Spotfire Statistics Services | 2025-04-11 | N/A |
| The Web API in the Statistics Server in TIBCO Spotfire Statistics Services 3.3.x before 3.3.1, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 allows remote attackers to obtain sensitive information via an unspecified HTTP request. | ||||
| CVE-2012-5302 | 1 Tibco | 1 Formvine | 2025-04-11 | N/A |
| The server in TIBCO Formvine 3.1.x and 3.2.x before 3.2.1 does not properly implement access control, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors. | ||||
| CVE-2010-0683 | 1 Tibco | 1 Administrator | 2025-04-11 | N/A |
| Unspecified vulnerability in TIBRepoServer5.jar in TIBCO Administrator 5.4.0 through 5.6.0, when JMS transport is used, allows remote authenticated users to execute arbitrary code on all domain nodes via vectors related to leveraging administrative credentials. | ||||
| CVE-2012-0690 | 1 Tibco | 4 Spotfire Analytics Server, Spotfire Professional, Spotfire Server and 1 more | 2025-04-11 | N/A |
| TIBCO Spotfire Web Application, Web Player Application, Automation Services Application, and Analytics Client Application in Spotfire Analytics Server before 10.1.2; Server before 3.3.3; and Web Player, Automation Services, and Professional before 4.0.2 allow remote attackers to obtain sensitive information via a crafted URL. | ||||
| CVE-2012-0689 | 1 Tibco | 5 Activematrix Bpm, Activematrix Businessworks Service Engine, Activematrix Service Bus and 2 more | 2025-04-11 | N/A |
| The server in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and Service Bus 3.x before 3.1.5, BusinessWorks Service Engine 5.9.x before 5.9.3, and BPM before 1.3.0 allows remote attackers to discover credentials via unspecified vectors. | ||||
| CVE-2012-0688 | 1 Tibco | 5 Activematrix Bpm, Activematrix Businessworks Service Engine, Activematrix Service Bus and 2 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and Service Bus 3.x before 3.1.5, BusinessWorks Service Engine 5.9.x before 5.9.3, and BPM before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2012-0687 | 1 Tibco | 7 Activematrix Bpm, Activematrix Businessworks, Activematrix Businessworks Service Engine and 4 more | 2025-04-11 | N/A |
| TIBCO ActiveMatrix Runtime Platform in Service Grid and Service Bus 2.x before 2.3.2 and BusinessWorks Service Engine before 5.8.2; TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and Service Bus 3.x before 3.1.5, BusinessWorks Service Engine 5.9.x before 5.9.3, and BPM before 1.3.0; TIBCO BusinessEvents Runtime in Enterprise and Inference Editions 3.x before 3.0.3, Standard Edition 4.x before 4.0.2, and Standard Edition and Express 5.0.0; and TIBCO BusinessWorks Engine in TIBCO Silver Fabric ActiveMatrix BusinessWorks Distribution 5.9.2 and ActiveMatrix BusinessWorks before 5.9.3 allow remote attackers to obtain sensitive information via a crafted URL. | ||||
| CVE-2011-3424 | 1 Tibco | 3 Managed File Transfer Command Center, Managed File Transfer Internet Server, Slingshot | 2025-04-11 | N/A |
| Session fixation vulnerability in the Managed File Transfer server in TIBCO Managed File Transfer Internet Server before 7.1.1 and Managed File Transfer Command Center before 7.1.1, and the server in TIBCO Slingshot before 1.8.1, allows remote attackers to hijack web sessions via unspecified vectors. | ||||
| CVE-2011-3423 | 1 Tibco | 3 Managed File Transfer Command Center, Managed File Transfer Internet Server, Slingshot | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Managed File Transfer server in TIBCO Managed File Transfer Internet Server before 7.1.1 and Managed File Transfer Command Center before 7.1.1, and the server in TIBCO Slingshot before 1.8.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-3134 | 1 Tibco | 2 Spotfire Analytics Server, Spotfire Server | 2025-04-11 | N/A |
| Unspecified vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL. | ||||
| CVE-2011-3133 | 1 Tibco | 2 Spotfire Analytics Server, Spotfire Server | 2025-04-11 | N/A |
| Session fixation vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to hijack web sessions via unspecified vectors. | ||||
| CVE-2008-1703 | 1 Tibco | 8 Adapter Files Z Os, Hawk, Iprocess Engine and 5 more | 2025-04-09 | N/A |
| Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO products, allow remote attackers to execute arbitrary code via a crafted message. | ||||
| CVE-2007-5658 | 1 Tibco | 3 Enterprise Message Service, Rtworks, Smartsockets Rtserver | 2025-04-09 | N/A |
| Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow. | ||||
| CVE-2007-4161 | 1 Tibco | 1 Rendezvous | 2025-04-09 | N/A |
| rvd in TIBCO Rendezvous (RV) 7.5.2, when -no-lead-wc is omitted, might allow remote attackers to cause a denial of service (network instability) via a subject name with a leading (1) '*' (asterisk) or (2) '>' (greater than) wildcard character. | ||||
| CVE-2007-5657 | 1 Tibco | 4 Ems Server, Enterprise Message Service, Rtworks and 1 more | 2025-04-09 | N/A |
| TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets. | ||||
| CVE-2007-5656 | 1 Tibco | 3 Enterprise Message Service, Rtworks, Smartsockets Rtserver | 2025-04-09 | N/A |
| TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory. | ||||