Tibco Spotfire Deployment Kit — known CVE vulnerabilities
Every CVE whose affected-product data names Tibco Spotfire Deployment Kit, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2017-3181 — CVSS 9.8 (critical): Multiple TIBCO Products are prone to multiple unspecified SQL-injection vulnerabilities because it fails to properly sanitize user-supplied…
CVE-2025-3115 — CVSS 9.8 (critical): Injection Vulnerabilities: Attackers can inject malicious code, potentially gaining control over the system executing these functions…
CVE-2018-5435 — CVSS 9.6 (critical): The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire…
CVE-2019-17334 — CVSS 8.0 (high): The Visualizations component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO…
CVE-2015-4554 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in TIBCO Spotfire Client and Spotfire Web Player Client in Spotfire Analyst before 5.5.2, 6.0.x before…
CVE-2018-5437 — CVSS 6.8 (medium): The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire…
CVE-2017-3180 — CVSS 5.4 (medium): Multiple TIBCO Products are prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize…
CVE-2014-7195 — CVSS 4.0 (medium): Spotfire Web Player Engine in TIBCO Spotfire Web Player 6.0.x before 6.0.2 and 6.5.x before 6.5.2, Spotfire Deployment Kit 6.0.x before…