Vulnerabilities > Tibco

DATE CVE VULNERABILITY TITLE RISK
2017-06-29 CVE-2017-5529 Information Exposure vulnerability in Tibco products
JasperReports library components contain an information disclosure vulnerability.
network
low complexity
tibco CWE-200
6.5
2017-06-29 CVE-2017-5528 Cross-Site Request Forgery (CSRF) vulnerability in Tibco products
Multiple JasperReports Server components contain vulnerabilities which may allow authorized users to perform cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks.
network
low complexity
tibco CWE-352
8.8
2017-05-09 CVE-2017-5527 SQL Injection vulnerability in Tibco products
TIBCO Spotfire Server 7.0.X before 7.0.2, 7.5.x before 7.5.1, 7.6.x before 7.6.1, 7.7.x before 7.7.1, and 7.8.x before 7.8.1 and Spotfire Analytics Platform for AWS Marketplace 7.8.0 and earlier contain multiple vulnerabilities which may allow authorized users to perform SQL injection attacks.
network
low complexity
tibco CWE-89
6.5
2016-04-20 CVE-2016-3628 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tibco products
Buffer overflow in tibemsd in the server in TIBCO Enterprise Message Service (EMS) before 8.3.0 and EMS Appliance before 2.4.0 allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via crafted inbound data.
network
low complexity
tibco CWE-119
8.8