Latest Vulnerabilities Affecting Tibco products

Date	CVE	Title	CVSS
2019-05-14	CVE-2019-11204	Credentials Management vulnerability in Tibco Spotfire Statistics Services 10.0.0/7.11.1	Medium
2019-05-14	CVE-2019-11206	Improper Access Control vulnerability in Tibco Spotfire Analytics Platform FOR AWS and Spotfire Server	Medium
2019-05-14	CVE-2019-11205	Cross-Site Scripting (XSS) vulnerability in Tibco Spotfire Analytics Platform FOR AWS and Spotfire Server	Medium
2019-04-24	CVE-2019-8992	Unrestricted Upload of File with Dangerous Type vulnerability in Tibco and products	Medium
2019-04-24	CVE-2019-8993	Improper Access Control vulnerability in Tibco and products	Medium
2019-04-24	CVE-2019-8991	Cross-Site Request Forgery (CSRF) vulnerability in Tibco and products	Medium
2019-04-24	CVE-2019-8994	Improper Access Control vulnerability in Tibco Activematrix Business Process Mangement and Silver Fabric Enabler	Medium
2019-04-24	CVE-2019-11203	Cross-Site Scripting (XSS) vulnerability in Tibco Activematrix Business Process Management and Silver Fabric Enabler	Medium
2019-04-24	CVE-2019-8995	URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Tibco Activematrix BPM and Silver Fabric Enabler	Medium
2019-04-09	CVE-2019-8990	Authentication Issues vulnerability in Tibco Activematrix Businessworks 6.4.2	Medium
2019-03-26	CVE-2019-8988	Permissions, Privileges, and Access Control vulnerability in Tibco Data Science FOR AWS and Spotfire Data Science	Medium
2019-03-26	CVE-2019-8989	Input Validation vulnerability in Tibco Data Science FOR AWS and Spotfire Data Science	Medium
2019-03-26	CVE-2019-8987	Cross-Site Scripting (XSS) vulnerability in Tibco Data Science FOR AWS and Spotfire Data Science	Low
2019-03-07	CVE-2018-18816	Cross-Site Scripting (XSS) vulnerability in Tibco products	Low
2019-03-07	CVE-2019-8986	Information Leak / Disclosure vulnerability in Tibco Jasperreports Server	Medium

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.