Every CVE whose affected-product data names Venki Supravizio Bpm, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2024-46479 — CVSS 9.9 (critical): Venki Supravizio BPM through 18.0.1 was discovered to contain an arbitrary file upload vulnerability. An authenticated attacker may upload…
CVE-2020-15367 — CVSS 9.8 (critical): Venki Supravizio BPM 10.1.2 does not limit the number of authentication attempts. An unauthenticated user may exploit this vulnerability to…
CVE-2024-46480 — CVSS 8.4 (high): An NTLM hash leak in Venki Supravizio BPM up to 18.0.1 allows authenticated attackers with Application Administrator access to escalate…
CVE-2024-46481 — CVSS 7.2 (high): The login page of Venki Supravizio BPM up to 18.1.1 is vulnerable to open redirect leading to reflected XSS.
CVE-2020-15392 — CVSS 5.3 (medium): A user enumeration vulnerability flaw was found in Venki Supravizio BPM 10.1.2. This issue occurs during password recovery, where a…