Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
15050.3%CRITICAL

Related CVEs

5
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2024-46481The login page of Venki Supravizio BPM up to 18.1.1 is vulnerable to open redirect leading to reflected XSS.MEDIUM6.119.6%Jan 13, 2025
CVE-2024-46480An NTLM hash leak in Venki Supravizio BPM up to 18.0.1 allows authenticated attackers with Application Administrator access to escalate privileges on the underlying host system.HIGH7.237.1%Jan 13, 2025
CVE-2024-46479Venki Supravizio BPM through 18.0.1 was discovered to contain an arbitrary file upload vulnerability. An authenticated attacker may upload a malicious file, leading to remote code execution.HIGH8.852.1%Jan 13, 2025
CVE-2020-15392A user enumeration vulnerability flaw was found in Venki Supravizio BPM 10.1.2. This issue occurs during password recovery, where a difference in error messages could allow an attacker to determine if a username is valid or not, enabling a brute-force attack with valid usernames.MEDIUM5.364.6%Jul 7, 2020
CVE-2020-15367Venki Supravizio BPM 10.1.2 does not limit the number of authentication attempts. An unauthenticated user may exploit this vulnerability to launch a brute-force authentication attack against the Login page.CRITICAL9.878.1%Jul 7, 2020