Vulnerabilities > Tibco

DATE CVE VULNERABILITY TITLE RISK
2021-03-23 CVE-2021-28824 Incorrect Authorization vulnerability in Tibco Activespaces
The Windows Installation component of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, and TIBCO ActiveSpaces - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software.
local
low complexity
tibco CWE-863
4.6
2021-03-23 CVE-2021-28823 Incorrect Authorization vulnerability in Tibco Eftl
The Windows Installation component of TIBCO Software Inc.'s TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, and TIBCO eFTL - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software.
local
low complexity
tibco CWE-863
4.6
2021-03-23 CVE-2021-28822 Uncontrolled Search Path Element vulnerability in Tibco Enterprise Message Service
The Enterprise Message Service Server (tibemsd), Enterprise Message Service Central Administration (tibemsca), Enterprise Message Service JSON configuration generator (tibemsconf2json), and Enterprise Message Service C API components of TIBCO Software Inc.'s TIBCO Enterprise Message Service, TIBCO Enterprise Message Service - Community Edition, and TIBCO Enterprise Message Service - Developer Edition contain a vulnerability that theoretically allows a low privileged attacker with local access on the Windows operating system to insert malicious software.
local
low complexity
tibco CWE-427
4.6
2021-03-23 CVE-2021-28821 Incorrect Authorization vulnerability in Tibco Enterprise Message Service
The Windows Installation component of TIBCO Software Inc.'s TIBCO Enterprise Message Service, TIBCO Enterprise Message Service - Community Edition, and TIBCO Enterprise Message Service - Developer Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software.
local
low complexity
tibco CWE-863
4.6
2021-03-23 CVE-2021-28820 Uncontrolled Search Path Element vulnerability in Tibco FTL
The FTL Server (tibftlserver), FTL C API, FTL Golang API, FTL Java API, and FTL .Net API components of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contain a vulnerability that theoretically allows a low privileged attacker with local access on the Windows operating system to insert malicious software.
local
low complexity
tibco CWE-427
4.6
2021-03-23 CVE-2021-28819 Incorrect Authorization vulnerability in Tibco FTL
The Windows Installation component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software.
local
low complexity
tibco CWE-863
7.2
2021-03-23 CVE-2021-28818 Improper Privilege Management vulnerability in Tibco Rendezvous
The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Daemon (rvsd), Rendezvous Cache (rvcache), Rendezvous Secure C API, Rendezvous Java API, and Rendezvous .Net API components of TIBCO Software Inc.'s TIBCO Rendezvous and TIBCO Rendezvous Developer Edition contain a vulnerability that theoretically allows a low privileged attacker with local access on the Windows operating system to insert malicious software.
local
low complexity
tibco CWE-269
4.6
2021-03-23 CVE-2021-28817 Improper Privilege Management vulnerability in Tibco Rendezvous
The Windows Installation component of TIBCO Software Inc.'s TIBCO Rendezvous and TIBCO Rendezvous Developer Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software.
local
low complexity
tibco CWE-269
4.6
2021-03-23 CVE-2021-23274 Improper Restriction of Rendered UI Layers OR Frames vulnerability in Tibco products
The Config UI component of TIBCO Software Inc.'s TIBCO API Exchange Gateway and TIBCO API Exchange Gateway Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows an unauthenticated attacker with network access to execute a clickjacking attack on the affected system.
network
low complexity
tibco CWE-1021
7.5
2021-03-09 CVE-2021-23273 Cross-Site Scripting vulnerability in Tibco products
The Spotfire client component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Desktop, and TIBCO Spotfire Server contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a stored Cross Site Scripting (XSS) attack on the affected system.
network
tibco CWE-79
3.5