Vulnerabilities > Tibco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-09-02 | CVE-2011-3134 | Unspecified vulnerability in Tibco Spotfire Analytics Server and Spotfire Server Unspecified vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL. | 7.5 |
| 2011-02-04 | CVE-2011-0649 | Local Privilege Escalation vulnerability in Multiple TIBCO Products Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through 8.3.0, Enterprise Message Service (EMS) 5.1.0 through 6.0.0, Runtime Agent (TRA) 5.6.2 through 5.7.0, Silver BPM Service before 1.0.4, Silver CAP Service vebefore 1.0.2, and Silver BusinessWorks Service 1.0.0, when running on Unix systems, allow local users to gain root privileges via unknown vectors related to SUID and (1) Rendezvous Routing Daemon (rvrd), (2) Rendezvous Secure Daemon (rvsd), (3) Rendezvous Secure Routing Daemon (rvsrd), and (4) EMS Server (tibemsd). | 7.2 |
| 2011-01-07 | CVE-2010-4498 | Input Validation vulnerability in TIBCO Unspecified vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to modify data or obtain sensitive information via a crafted URL. | 7.5 |
| 2011-01-07 | CVE-2010-4496 | SQL Injection vulnerability in Tibco Activecatalog and Collaborative Information Manager Multiple SQL injection vulnerabilities in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
| 2010-01-14 | CVE-2010-0184 | Permissions, Privileges, and Access Controls vulnerability in Tibco Runtime Agent The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime Agent (TRA) before 5.6.2, as used in TIBCO ActiveMatrix BusinessWorks and other products, set weak permissions on domain properties files, which allows local users to obtain domain administrator credentials, and gain privileges on all domain systems, via unspecified vectors. | 7.2 |
| 2007-10-18 | CVE-2007-5545 | USE of Externally-Controlled Format String vulnerability in Tibco Smart PGM FX Format string vulnerability in TIBCO SmartPGM FX allows remote attackers to execute arbitrary code via format string specifiers in unspecified vectors. | 7.5 |
| 2007-08-03 | CVE-2007-4162 | Remote Security vulnerability in Tibco Rendezvous 7.5.2 TIBCO Rendezvous (RV) 7.5.2 does not protect confidentiality or integrity of inter-daemon communication, which allows remote attackers to capture and spoof traffic. network tibco | 7.8 |
| 2007-08-03 | CVE-2007-4158 | Resource Management Errors vulnerability in Tibco Rendezvous 7.5.2/7.5.3/7.5.4 Memory leak in TIBCO Rendezvous (RV) daemon (rvd) 7.5.2, 7.5.3 and 7.5.4 allows remote attackers to cause a denial of service (memory consumption) via a packet with a length field of zero, a different vulnerability than CVE-2006-2830. | 7.8 |
| 2006-06-05 | CVE-2006-2830 | Remote Buffer Overflow vulnerability in Tibco Hawk, Rendezvous and Runtime Agent Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent (TRA) before 5.4, and Hawk before 4.6.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the HTTP administrative interface. | 7.5 |