Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
business process management suite vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-2948
SQL injection vulnerability in workflowenginesoa.asmx in Bizagi BPM Suite up to and including 10.4 allows remote authenticated users to execute arbitrary SQL commands via a crafted SOAP request.
Bizagi Business Process Management Suite 10.1
Bizagi Business Process Management Suite 10.3
Bizagi Business Process Management Suite 10.0
Bizagi Business Process Management Suite 10.0.1
Bizagi Business Process Management Suite 10.2
Bizagi Business Process Management Suite
9.1
CVSSv3
CVE-2018-3100
Vulnerability in the Oracle Business Process Management Suite component of Oracle Fusion Middleware (subcomponent: Process Analysis & Discovery). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnera...
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Business Process Management Suite 11.1.1.7.0
Oracle Business Process Management Suite 12.2.1.2.0
Oracle Business Process Management Suite 11.1.1.9.0
NA
CVE-2014-2947
Cross-site scripting (XSS) vulnerability in Login.aspx in Bizagi BPM Suite prior to 10.3 allows remote malicious users to inject arbitrary web script or HTML via the txtUsername parameter.
Bizagi Business Process Management Suite 10.1
Bizagi Business Process Management Suite
Bizagi Business Process Management Suite 10.0.1
Bizagi Business Process Management Suite 10.0
7.5
CVSSv3
CVE-2018-11761
In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.
Apache Tika
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
2 Github repositories
NA
CVE-2007-6509
Unspecified vulnerability in Appian Enterprise Business Process Management (BPM) Suite 5.6 SP1 allows remote malicious users to cause a denial of service via a crafted packet to port 5400/tcp.
Appian Business Process Management Suite 5.6
1 EDB exploit
8.2
CVSSv3
CVE-2019-2706
Vulnerability in the Oracle Business Process Management Suite component of Oracle Fusion Middleware (subcomponent: BPM Foundation Services). The supported version that is affected is 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access ...
Oracle Business Process Management Suite 11.1.1.9.0
5.5
CVSSv3
CVE-2020-1951
A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 1.0-1.23.
Apache Tika
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Debian Debian Linux 8.0
Oracle Business Process Management Suite 12.2.1.3.0
Canonical Ubuntu Linux 16.04
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Messaging Server 8.1
Oracle Communications Messaging Server 8.0.2
5.5
CVSSv3
CVE-2020-1950
A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser in versions 1.0-1.23.
Apache Tika
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Debian Debian Linux 8.0
Oracle Business Process Management Suite 12.2.1.3.0
Canonical Ubuntu Linux 16.04
Oracle Business Process Management Suite 12.2.1.4.0
Oracle Communications Messaging Server 8.1
Oracle Communications Messaging Server 8.0.2
7.5
CVSSv3
CVE-2018-3246
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to c...
Oracle Weblogic Server 12.1.3.0.0
Oracle Communications Converged Application Server
Oracle Webcenter Portal 12.2.1.3.0
Oracle Retail Convenience And Fuel Pos Software 2.8.1
Oracle Utilities Network Management System 2.3.0.2
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Enterprise Repository 12.1.3.0.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Utilities Network Management System 1.12.0.3
Oracle Utilities Network Management System 2.3.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Communications Webrtc Session Controller
Oracle Webcenter Portal 11.1.1.9.0
Oracle Weblogic Server 12.2.1.3
Oracle Banking Platform 2.6.0
Oracle Utilities Network Management System 2.3.0.1
4.9
CVSSv3
CVE-2018-2684
Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: Registration Process). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows high privileged attacker with...
Oracle E-business Suite 12.2.4
Oracle E-business Suite 12.1.3
Oracle E-business Suite 12.2.3
Oracle E-business Suite 12.2.7
Oracle E-business Suite 12.2.5
Oracle E-business Suite 12.2.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »