Filtered by vendor Tibco
Subscriptions
Total
226 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-7194 | 1 Tibco | 4 Managed File Transfer Command Center, Managed File Transfer Internet Server, Slingshot and 1 more | 2025-04-12 | N/A |
| TIBCO Managed File Transfer Internet Server before 7.2.4, Managed File Transfer Command Center before 7.2.4, Slingshot before 1.9.3, and Vault before 1.1.1 allow remote attackers to obtain sensitive information or modify data by leveraging agent access. | ||||
| CVE-2014-2544 | 1 Tibco | 7 Analyst, Automation Services, Deployment Kit and 4 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2014-2545 | 1 Tibco | 4 Managed File Transfer Command Center, Managed File Transfer Internet Server, Slingshot and 1 more | 2025-04-12 | N/A |
| TIBCO Managed File Transfer Internet Server before 7.2.2, Managed File Transfer Command Center before 7.2.2, Slingshot before 1.9.1, and Vault before 1.0.1 allow remote attackers to obtain sensitive information via a crafted HTTP request. | ||||
| CVE-2014-2541 | 1 Tibco | 3 Messaging Appliance, Rendezvous, Substantiation Es | 2025-04-12 | N/A |
| The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify transmitted information via unspecified vectors. | ||||
| CVE-2014-2542 | 1 Tibco | 3 Messaging Appliance, Rendezvous, Substantiation Es | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-5285 | 1 Tibco | 1 Spotfire Server | 2025-04-12 | N/A |
| Unspecified vulnerability in the Authentication Module in TIBCO Spotfire Server before 4.5.2, 5.0.x before 5.0.3, 5.5.x before 5.5.2, 6.0.x before 6.0.3, and 6.5.x before 6.5.1 allows remote attackers to gain privileges, and obtain sensitive information or modify data, via unknown vectors. | ||||
| CVE-2015-4554 | 1 Tibco | 9 Silver Fabric Enabler For Spotfire Webplayer, Spotfire Analyst, Spotfire Analytics Platform For Aws and 6 more | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in TIBCO Spotfire Client and Spotfire Web Player Client in Spotfire Analyst before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Analytics Platform for AWS 6.5 and 7.0.x before 7.0.1; Spotfire Automation Services before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Deployment Kit before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Desktop before 6.5.2 and 7.0.x before 7.0.1; Spotfire Desktop Language Packs 7.0.x before 7.0.1; Spotfire Professional before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire Web Player before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; and Silver Fabric Enabler for Spotfire Web Player before 2.1.1 allow remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors. | ||||
| CVE-2014-2075 | 1 Tibco | 2 Enterprise Administrator, Enterprise Administrator Sdk | 2025-04-12 | N/A |
| TIBCO Enterprise Administrator 1.0.0 and Enterprise Administrator SDK 1.0.0 do not properly enforce administrative authentication requirements, which allows remote attackers to execute arbitrary commands via unspecified vectors. | ||||
| CVE-2014-5286 | 1 Tibco | 3 Activematrix Management Agent, Activematrix Policy Agent, Activematrix Policy Manager | 2025-04-12 | N/A |
| The ActiveMatrix Policy Manager Authentication module in TIBCO ActiveMatrix Policy Agent 3.x before 3.1.2, ActiveMatrix Policy Manager 3.x before 3.1.2, ActiveMatrix Management Agent 1.x before 1.2.1 for WCF, and ActiveMatrix Management Agent 1.x before 1.2.1 for WebSphere allows remote attackers to gain privileges and obtain sensitive information via unspecified vectors. | ||||
| CVE-2015-5711 | 1 Tibco | 4 Managed File Transfer Command Center, Managed File Transfer Internet Server, Slingshot and 1 more | 2025-04-12 | N/A |
| TIBCO Managed File Transfer Internet Server before 7.2.5, Managed File Transfer Command Center before 7.2.5, Slingshot before 1.9.4, and Vault before 2.0.1 allow remote authenticated users to obtain sensitive information via a crafted HTTP request. | ||||
| CVE-2012-0689 | 1 Tibco | 5 Activematrix Bpm, Activematrix Businessworks Service Engine, Activematrix Service Bus and 2 more | 2025-04-11 | N/A |
| The server in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and Service Bus 3.x before 3.1.5, BusinessWorks Service Engine 5.9.x before 5.9.3, and BPM before 1.3.0 allows remote attackers to discover credentials via unspecified vectors. | ||||
| CVE-2012-0688 | 1 Tibco | 5 Activematrix Bpm, Activematrix Businessworks Service Engine, Activematrix Service Bus and 2 more | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in TIBCO ActiveMatrix Platform in TIBCO Silver Fabric ActiveMatrix Service Grid Distribution 3.1.3, Service Grid and Service Bus 3.x before 3.1.5, BusinessWorks Service Engine 5.9.x before 5.9.3, and BPM before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-3424 | 1 Tibco | 3 Managed File Transfer Command Center, Managed File Transfer Internet Server, Slingshot | 2025-04-11 | N/A |
| Session fixation vulnerability in the Managed File Transfer server in TIBCO Managed File Transfer Internet Server before 7.1.1 and Managed File Transfer Command Center before 7.1.1, and the server in TIBCO Slingshot before 1.8.1, allows remote attackers to hijack web sessions via unspecified vectors. | ||||
| CVE-2011-3423 | 1 Tibco | 3 Managed File Transfer Command Center, Managed File Transfer Internet Server, Slingshot | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Managed File Transfer server in TIBCO Managed File Transfer Internet Server before 7.1.1 and Managed File Transfer Command Center before 7.1.1, and the server in TIBCO Slingshot before 1.8.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-3133 | 1 Tibco | 2 Spotfire Analytics Server, Spotfire Server | 2025-04-11 | N/A |
| Session fixation vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to hijack web sessions via unspecified vectors. | ||||
| CVE-2011-3132 | 1 Tibco | 2 Spotfire Analytics Server, Spotfire Server | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-2020 | 1 Tibco | 2 Iprocess Engine, Iprocess Workspace | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2011-1414 | 1 Tibco | 2 Tibbr, Tibbr Service | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the tibbr web server, as used in TIBCO tibbr 1.0.0 through 1.5.0 and tibbr Service 1.0.0 through 1.5.0, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-4499 | 1 Tibco | 2 Activecatalog, Collaborative Information Manager | 2025-04-11 | N/A |
| Session fixation vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to hijack web sessions via unspecified vectors. | ||||
| CVE-2010-4498 | 1 Tibco | 2 Activecatalog, Collaborative Information Manager | 2025-04-11 | N/A |
| Unspecified vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL. | ||||