Skip to main content

Supravizio Bpm

5 CVEs product

Monthly

CVE-2024-46481 HIGH This Month

The login page of Venki Supravizio BPM up to 18.1.1 is vulnerable to open redirect leading to reflected XSS. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect XSS Supravizio Bpm
NVD GitHub
CVSS 3.1
7.2
EPSS
0.2%
CVE-2024-46480 HIGH This Month

An NTLM hash leak in Venki Supravizio BPM up to 18.0.1 allows authenticated attackers with Application Administrator access to escalate privileges on the underlying host system. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Supravizio Bpm
NVD GitHub
CVSS 3.1
8.4
EPSS
0.2%
CVE-2024-46479 CRITICAL This Week

Venki Supravizio BPM through 18.0.1 was discovered to contain an arbitrary file upload vulnerability. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Supravizio Bpm
NVD GitHub
CVSS 3.1
9.9
EPSS
4.5%
CVE-2020-15392 MEDIUM POC This Month

A user enumeration vulnerability flaw was found in Venki Supravizio BPM 10.1.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Supravizio Bpm
NVD GitHub
CVSS 3.1
5.3
EPSS
1.2%
CVE-2020-15367 CRITICAL POC Act Now

Venki Supravizio BPM 10.1.2 does not limit the number of authentication attempts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Supravizio Bpm
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
EPSS 0% CVSS 7.2
HIGH This Month

The login page of Venki Supravizio BPM up to 18.1.1 is vulnerable to open redirect leading to reflected XSS. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect XSS Supravizio Bpm
NVD GitHub
EPSS 0% CVSS 8.4
HIGH This Month

An NTLM hash leak in Venki Supravizio BPM up to 18.0.1 allows authenticated attackers with Application Administrator access to escalate privileges on the underlying host system. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Supravizio Bpm
NVD GitHub
EPSS 5% CVSS 9.9
CRITICAL This Week

Venki Supravizio BPM through 18.0.1 was discovered to contain an arbitrary file upload vulnerability. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Supravizio Bpm
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC This Month

A user enumeration vulnerability flaw was found in Venki Supravizio BPM 10.1.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Supravizio Bpm
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

Venki Supravizio BPM 10.1.2 does not limit the number of authentication attempts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Supravizio Bpm
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy