Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
workflow vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2020-4768
IBM Case Manager 5.2 and 5.3 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credenti...
Ibm Business Automation Workflow
Ibm Case Manager
NA
CVE-2023-44245
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Leap Contractor Contact Form Website to Workflow Tool plugin <= 4.0.0 versions.
Leaptodigital Contact Form Website To Workflow Tool
3.5
CVSSv2
CVE-2019-4426
The Case Builder component shipped with 18.0.0.1 up to and including 19.0.0.2 and IBM Case Manager 5.1.1 up to and including 5.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended func...
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow
Ibm Case Manager 5.1.1
Ibm Case Manager 5.2.0
Ibm Case Manager 5.2.1
Ibm Case Manager
5.8
CVSSv2
CVE-2020-4490
IBM Business Automation Workflow 18 and 19, and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote malicious user to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a vitcim to a phishin...
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.6.0.0
5
CVSSv2
CVE-2021-26118
While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in e...
Apache Activemq Artemis 2.15.0
Netapp Oncommand Workflow Automation -
NA
CVE-2022-21589
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 5.7.39 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple pr...
Oracle Mysql
Netapp Oncommand Workflow Automation
Netapp Oncommand Insight -
1 Article
NA
CVE-2022-21592
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.7.39 and prior and 8.0.29 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple pr...
Oracle Mysql
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
NA
CVE-2022-21594
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Ser...
Oracle Mysql
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
NA
CVE-2022-21599
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise My...
Oracle Mysql
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
NA
CVE-2022-21600
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Ser...
Oracle Mysql
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »