Venki Supravizio_bpm

5 CVEs affecting Venki Supravizio_bpm. Latest disclosed: 2025-01-13. Critical: 2, High: 2.

Top CVEs affecting Venki Supravizio_bpm
CVESeverityScorePublishedSummary
CVE-2024-46479Critical9.92025-01-13Venki Supravizio BPM through 18.0.1 was discovered to contain an arbitrary file upload vulnerability. An authenticated attacker may upload a malicious file, le…
CVE-2020-15367Critical9.82020-07-07Venki Supravizio BPM 10.1.2 does not limit the number of authentication attempts. An unauthenticated user may exploit this vulnerability to launch a brute-forc…
CVE-2024-46480High8.42025-01-13An NTLM hash leak in Venki Supravizio BPM up to 18.0.1 allows authenticated attackers with Application Administrator access to escalate privileges on the under…
CVE-2024-46481High7.22025-01-13The login page of Venki Supravizio BPM up to 18.1.1 is vulnerable to open redirect leading to reflected XSS.
CVE-2020-15392Medium5.32020-07-07A user enumeration vulnerability flaw was found in Venki Supravizio BPM 10.1.2. This issue occurs during password recovery, where a difference in error message…