Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
workflow vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-4768
IBM Case Manager 5.2 and 5.3 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credenti...
Ibm Business Automation Workflow
Ibm Case Manager
5.5
CVSSv3
CVE-2020-10727
A flaw was found in ActiveMQ Artemis management API from version 2.7.0 up until 2.12.0, where a user inadvertently stores passwords in plaintext in the Artemis shadow file (etc/artemis-users.properties file) when executing the `resetUsers` operation. A local attacker can use this...
Apache Activemq Artemis
Netapp Oncommand Workflow Automation -
5.4
CVSSv3
CVE-2019-4426
The Case Builder component shipped with 18.0.0.1 up to and including 19.0.0.2 and IBM Case Manager 5.1.1 up to and including 5.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended func...
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow
Ibm Case Manager 5.1.1
Ibm Case Manager 5.2.0
Ibm Case Manager 5.2.1
Ibm Case Manager
6.1
CVSSv3
CVE-2020-4490
IBM Business Automation Workflow 18 and 19, and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote malicious user to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a vitcim to a phishin...
Ibm Business Automation Workflow 18.0.0.0
Ibm Business Automation Workflow 19.0.0.0
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.5.0.0
Ibm Business Process Manager 8.6.0.0
7.5
CVSSv3
CVE-2021-26118
While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in e...
Apache Activemq Artemis 2.15.0
Netapp Oncommand Workflow Automation -
4.9
CVSSv3
CVE-2022-39400
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Ser...
Oracle Mysql
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
6.5
CVSSv3
CVE-2022-39408
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Serv...
Oracle Mysql
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
6.5
CVSSv3
CVE-2022-39410
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Serv...
Oracle Mysql
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
4.3
CVSSv3
CVE-2022-21589
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 5.7.39 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple pr...
Oracle Mysql
Netapp Oncommand Workflow Automation
Netapp Oncommand Insight -
1 Article
4.3
CVSSv3
CVE-2022-21592
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.7.39 and prior and 8.0.29 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple pr...
Oracle Mysql
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »