VYPR
Vendor

Spotfire

Products
2
CVEs
5
Across products
6
Status
Private

Products

2

Recent CVEs

5
  • CVE-2024-3330CriJun 27, 2024
    risk 0.64cvss 9.9epss 0.01

    Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS Marketplace allows In the case of the installed Windows client: Successful execution of this vulnerability will result in an attacker being able to run arbitrary code.This requires…

  • CVE-2025-3114CriApr 9, 2025
    risk 0.61cvss epss 0.00

    Code Execution via Malicious Files: Attackers can create specially crafted files with embedded code that may execute without adequate security validation, potentially leading to system compromise. Sandbox Bypass Vulnerability: A flaw in the TERR security mechanism allows…

  • CVE-2024-3331MedJun 27, 2024
    risk 0.44cvss 6.8epss 0.00

    Vulnerability in Spotfire Spotfire Enterprise Runtime for R - Server Edition, Spotfire Spotfire Statistics Services, Spotfire Spotfire Analyst, Spotfire Spotfire Desktop, Spotfire Spotfire Server allows The impact of this vulnerability depends on the privileges of the user…

  • CVE-2025-3115Apr 9, 2025
    risk 0.00cvss epss 0.01

    Injection Vulnerabilities: Attackers can inject malicious code, potentially gaining control over the system executing these functions. Additionally, insufficient validation of filenames during file uploads can enable attackers to upload and execute malicious files, leading to…

  • CVE-2023-26221Nov 8, 2023
    risk 0.00cvss epss 0.00

    The Spotfire Connectors component of TIBCO Software Inc.'s Spotfire Analyst, Spotfire Server, and Spotfire for AWS Marketplace contains an easily exploitable vulnerability that allows a low privileged attacker with read/write access to craft malicious Analyst files. A successful…