Latest Vulnerabilities Affecting Tibco products

Date	CVE	Title	CVSS
2019-09-18	CVE-2019-11211	Input Validation vulnerability in Tibco Enterprise Runtime FOR R and Spotfire Analytics Platform FOR AWS	High
2019-09-18	CVE-2019-11210	Input Validation vulnerability in Tibco Enterprise Runtime FOR R and Spotfire Analytics Platform FOR AWS	High
2019-08-20	CVE-2019-11209	Permissions, Privileges, and Access Control vulnerability in Tibco FTL 6.0.0/6.0.1/6.1.0	Medium
2019-08-13	CVE-2019-11207	Cross-Site Request Forgery (CSRF) vulnerability in Tibco and products	Medium
2019-08-08	CVE-2019-11208	Improper Authorization vulnerability in Tibco API Exchange Gateway 2.3.1	Medium
2019-08-05	CVE-2019-3800	Information Leak / Disclosure vulnerability in multiple products	Low
2019-05-14	CVE-2019-11204	Credentials Management vulnerability in Tibco Spotfire Statistics Services 10.0.0/7.11.1	Medium
2019-05-14	CVE-2019-11206	Improper Access Control vulnerability in Tibco Spotfire Analytics Platform FOR AWS and Spotfire Server	Medium
2019-05-14	CVE-2019-11205	Cross-Site Scripting (XSS) vulnerability in Tibco Spotfire Analytics Platform FOR AWS and Spotfire Server	Medium
2019-04-24	CVE-2019-8992	Unrestricted Upload of File with Dangerous Type vulnerability in Tibco and products	Medium
2019-04-24	CVE-2019-8993	Improper Access Control vulnerability in Tibco and products	Medium
2019-04-24	CVE-2019-8991	Cross-Site Request Forgery (CSRF) vulnerability in Tibco and products	Medium
2019-04-24	CVE-2019-8994	Improper Access Control vulnerability in Tibco Activematrix Business Process Mangement and Silver Fabric Enabler	Medium
2019-04-24	CVE-2019-11203	Cross-Site Scripting (XSS) vulnerability in Tibco Activematrix Business Process Management and Silver Fabric Enabler	Medium
2019-04-24	CVE-2019-8995	URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Tibco Activematrix BPM and Silver Fabric Enabler	Medium

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.