Hawk

This hub aggregates every CVE we track for Hawk, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 11 most recently published vulnerabilities affecting Hawk.

• CVE-2024-3182Install-type password disclosure vulnerability in Universal Installer including the Silent Installer in TIBCO Hawk versions 6.2.0, 6.2.1, 6.2.2 and 6.2.3 allows user's Enterprise Message Service (...6.5May 15, 2024
• CVE-2023-26219TIBCO Operational Intelligence Hawk RedTail Credential Exposure Vulnerability7.4Oct 24, 2023
• CVE-2022-41564TIBCO Operational Intelligence Hawk Redtail Credential Exposure Vulnerability6.8Feb 14, 2023
• CVE-2021-3020An issue was discovered in ClusterLabs Hawk (aka HA Web Konsole) through 2.3.0-15. It ships the binary hawk_invoke (built from tools/hawk_invoke.c), intended to be used as a setuid program. This al...8.8Aug 25, 2022
• CVE-2022-29167ReDoS vulnerability in header parsing in hawk7.4May 5, 2022
• CVE-2020-35458An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawk_remember_me_id parameter in the login_from_cookie cookie. The user logout ro...9.8Jan 12, 2021
• CVE-2016-2515Hawk before 3.1.3 and 4.x before 4.1.1 allow remote attackers to cause a denial of service (CPU consumption or partial outage) via a long (1) header or (2) URI that is matched against an improper r...7.5Apr 13, 2016
• CVE-2008-3338Multiple buffer overflows in TIBCO Hawk (1) AMI C library (libtibhawkami) and (2) Hawk HMA (tibhawkhma), as used in TIBCO Hawk before 4.8.1; Runtime Agent (TRA) before 5.6.0; iProcess Engine 10.3.0...10.0Aug 13, 2008
• CVE-2008-1703Multiple buffer overflows in TIBCO Software Rendezvous before 8.1.0, as used in multiple TIBCO products, allow remote attackers to execute arbitrary code via a crafted message.9.3Apr 11, 2008
• CVE-2006-2830Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent (TRA) before 5.4, and Hawk before 4.6.1 allows remote attackers to cause a denial of service and possibly execute arbitrary cod...7.5Jun 5, 2006
• CVE-2006-2829Buffer overflow in Hawk Monitoring Agent (HMA) for TIBCO Hawk before 4.6.1 and TIBCO Runtime Agent (TRA) before 5.4 allows authenticated users to execute arbitrary code via the configuration for ti...6.8Jun 5, 2006