cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-28817,https://securityvulnerability.io/vulnerability/CVE-2021-28817,TIBCO Rendezvous Windows Platform Installation vulnerability,The Windows Installation component of TIBCO Software Inc.'s TIBCO Rendezvous and TIBCO Rendezvous Developer Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from a lack of access restrictions on certain files and/or folders in the installation. Affected releases are TIBCO Software Inc.'s TIBCO Rendezvous: versions 8.5.1 and below and TIBCO Rendezvous Developer Edition: versions 8.5.1 and below.,Tibco,"Tibco Rendezvous,Tibco Rendezvous Developer Edition",8.8,HIGH,0.0004199999966658652,false,false,false,false,,false,false,2021-03-23T00:00:00.000Z,0
CVE-2021-28818,https://securityvulnerability.io/vulnerability/CVE-2021-28818,TIBCO Rendezvous Windows Platform Artifact Search vulnerability,"The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Daemon (rvsd), Rendezvous Cache (rvcache), Rendezvous Secure C API, Rendezvous Java API, and Rendezvous .Net API components of TIBCO Software Inc.'s TIBCO Rendezvous and TIBCO Rendezvous Developer Edition contain a vulnerability that theoretically allows a low privileged attacker with local access on the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from the affected component searching for run-time artifacts outside of the installation hierarchy. Affected releases are TIBCO Software Inc.'s TIBCO Rendezvous: versions 8.5.1 and below and TIBCO Rendezvous Developer Edition: versions 8.5.1 and below.",Tibco,"Tibco Rendezvous,Tibco Rendezvous Developer Edition",8.8,HIGH,0.0004199999966658652,false,false,false,false,,false,false,2021-03-23T00:00:00.000Z,0
CVE-2018-12414,https://securityvulnerability.io/vulnerability/CVE-2018-12414,TIBCO Rendezvous Vulnerable to CSRF Attacks,"The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Daemon (rvsd), Rendezvous Cache (rvcache), and Rendezvous Daemon Manager (rvdm) components of TIBCO Software Inc.'s TIBCO Rendezvous, TIBCO Rendezvous Developer Edition, TIBCO Rendezvous for z/Linux, TIBCO Rendezvous for z/OS, TIBCO Rendezvous Network Server, TIBCO Substation ES contain vulnerabilities which may allow an attacker to perform cross-site request forgery (CSRF) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Rendezvous: versions up to and including 8.4.5, TIBCO Rendezvous Developer Edition: versions up to and including 8.4.5, TIBCO Rendezvous for z/Linux: versions up to and including 8.4.5, TIBCO Rendezvous for z/OS: versions up to and including 8.4.5, TIBCO Rendezvous Network Server: versions up to and including 1.1.2, and TIBCO Substation ES: versions up to and including 2.12.2.",Tibco,"Tibco Rendezvous,Tibco Rendezvous Developer Edition,Tibco Rendezvous For Z/linux,Tibco Rendezvous For Z/os,Tibco Rendezvous Network Server,Tibco Substation Es",7.5,HIGH,0.002950000111013651,false,false,false,false,,false,false,2018-11-06T00:00:00.000Z,0