Tibco Rendezvous vulnerabilities

16 known vulnerabilities affecting tibco/rendezvous.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL1HIGH9MEDIUM5LOW1

Vulnerabilities

Page 1 of 1

CVE-2021-28818HIGHCVSS 7.8≤ 8.5.12021-03-23

CVE-2021-28818 [HIGH] CVE-2021-28818: The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Da The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Daemon (rvsd), Rendezvous Cache (rvcache), Rendezvous Secure C API, Rendezvous Java API, and Rendezvous .Net API components of TIBCO Software Inc.'s TIBCO Rendezvous and TIBCO Rendezvous Developer Edition contain a vulnerability that theoretically allows a low pr

nvd

CVE-2021-28817HIGHCVSS 7.8≤ 8.5.12021-03-23

CVE-2021-28817 [HIGH] CVE-2021-28817: The Windows Installation component of TIBCO Software Inc.'s TIBCO Rendezvous and TIBCO Rendezvous De The Windows Installation component of TIBCO Software Inc.'s TIBCO Rendezvous and TIBCO Rendezvous Developer Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software

nvd

CVE-2018-12414HIGHCVSS 8.8≤ 8.4.52018-11-06

CVE-2018-12414 [HIGH] CWE-352 CVE-2018-12414: The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Da The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Daemon (rvsd), Rendezvous Cache (rvcache), and Rendezvous Daemon Manager (rvdm) components of TIBCO Software Inc.'s TIBCO Rendezvous, TIBCO Rendezvous Developer Edition, TIBCO Rendezvous for z/Linux, TIBCO Rendezvous for z/OS, TIBCO Rendezvous Network Ser

nvd

CVE-2015-4555HIGHCVSS 7.5≤ 8.4.32015-08-30

CVE-2015-4555 [HIGH] CVE-2015-4555: Buffer overflow in the HTTP administrative interface in TIBCO Rendezvous before 8.4.4, Rendezvous Ne Buffer overflow in the HTTP administrative interface in TIBCO Rendezvous before 8.4.4, Rendezvous Network Server before 1.1.1, Substation ES before 2.9.0, and Messaging Appliance before 8.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to the Rendezvous Daemon (rvd), Routing Daemon (rv

nvd

CVE-2014-2543HIGHCVSS 7.5≤ 8.4.1v7.4.11+8 more2014-04-08

CVE-2014-2543 [HIGH] CWE-119 CVE-2014-2543: Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to execute arbitrary code by leveraging access to a directly connected cl

nvd

CVE-2014-2541MEDIUMCVSS 5.0≤ 8.4.1v7.4.11+8 more2014-04-08

CVE-2014-2541 [MEDIUM] CWE-264 CVE-2014-2541: The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and The Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 do not properly implement access control, which allows remote attackers to obtain sensitive information or modify

nvd

CVE-2014-2542MEDIUMCVSS 4.3≤ 8.4.1v7.4.11+8 more2014-04-08

CVE-2014-2542 [MEDIUM] CWE-79 CVE-2014-2542: Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon ( Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messaging Appliance before 8.7.1, and Substation ES before 2.8.1 allows remote attackers to inject arbitrary web script or HTML via uns

nvd

CVE-2011-0649HIGHCVSS 7.2v8.2.1v8.3.02011-02-04

CVE-2011-0649 [HIGH] CVE-2011-0649: Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through 8.3.0, Enterprise Message Ser Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through 8.3.0, Enterprise Message Service (EMS) 5.1.0 through 6.0.0, Runtime Agent (TRA) 5.6.2 through 5.7.0, Silver BPM Service before 1.0.4, Silver CAP Service vebefore 1.0.2, and Silver BusinessWorks Service 1.0.0, when running on Unix systems, allow local users to gain root privileges via unknow

nvd

CVE-2008-1703CRITICALCVSS 9.3≤ 8.102008-04-11

CVE-2008-1703 [CRITICAL] CWE-119 CVE-2008-1703: Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO produ Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO products, allow remote attackers to execute arbitrary code via a crafted message.

nvd

CVE-2007-4158HIGHCVSS 7.8v7.5.2v7.5.3+1 more2007-08-03

CVE-2007-4158 [HIGH] CVE-2007-4158: Memory leak in TIBCO Rendezvous (RV) daemon (rvd) 7.5.2, 7.5.3 and 7.5.4 allows remote attackers to Memory leak in TIBCO Rendezvous (RV) daemon (rvd) 7.5.2, 7.5.3 and 7.5.4 allows remote attackers to cause a denial of service (memory consumption) via a packet with a length field of zero, a different vulnerability than CVE-2006-2830.

nvd

CVE-2007-4162HIGHCVSS 7.8v7.5.22007-08-03

CVE-2007-4162 [HIGH] CVE-2007-4162: TIBCO Rendezvous (RV) 7.5.2 does not protect confidentiality or integrity of inter-daemon communicat TIBCO Rendezvous (RV) 7.5.2 does not protect confidentiality or integrity of inter-daemon communication, which allows remote attackers to capture and spoof traffic.

nvd

CVE-2007-4159MEDIUMCVSS 5.0v7.5.22007-08-03

CVE-2007-4159 [MEDIUM] CVE-2007-4159: index.html in the HTTP administration interface in certain daemons in TIBCO Rendezvous (RV) 7.5.2 al index.html in the HTTP administration interface in certain daemons in TIBCO Rendezvous (RV) 7.5.2 allows remote attackers to obtain sensitive information, such as a user name and IP addresses, via a direct request.

nvd

CVE-2007-4161MEDIUMCVSS 4.3v7.5.22007-08-03

CVE-2007-4161 [MEDIUM] CVE-2007-4161: rvd in TIBCO Rendezvous (RV) 7.5.2, when -no-lead-wc is omitted, might allow remote attackers to cau rvd in TIBCO Rendezvous (RV) 7.5.2, when -no-lead-wc is omitted, might allow remote attackers to cause a denial of service (network instability) via a subject name with a leading (1) '*' (asterisk) or (2) '>' (greater than) wildcard character.

nvd

CVE-2007-4160MEDIUMCVSS 5.0v7.5.22007-08-03

CVE-2007-4160 [MEDIUM] CVE-2007-4160: The default configuration of TIBCO Rendezvous (RV) 7.5.2 clients, when -no-multicast is omitted, use The default configuration of TIBCO Rendezvous (RV) 7.5.2 clients, when -no-multicast is omitted, uses a multicast group as the destination for a network message, which might make it easier for remote attackers to capture message contents by sniffing the network.

nvd

CVE-2006-4676LOWCVSS 1.2PoC≤ 7.4.112006-09-11

CVE-2006-4676 [LOW] CVE-2006-4676: TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which al TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which allows local users to obtain sensitive information by decoding the log file.

nvd

CVE-2006-2830HIGHCVSS 7.5v7.5.12006-06-05

CVE-2006-2830 [HIGH] CVE-2006-2830: Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent (TRA) before 5.4, and Hawk bef Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent (TRA) before 5.4, and Hawk before 4.6.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the HTTP administrative interface.

nvd