Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Altova Subscribe
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-37425 1 Altova 1 Mobiletogether Server 2021-08-18 6.4 MEDIUM 9.1 CRITICAL
Altova MobileTogether Server before 7.3 SP1 allows XXE attacks, such as an InfoSetChanges/Changes attack against /workflowmanagement, or reading mobiletogetherserver.cfg and then reading the certificate and private key.
CVE-2021-38490 1 Altova 1 Mobiletogether Server 2021-08-18 5.0 MEDIUM 7.5 HIGH
Altova MobileTogether Server before 7.3 SP1 allows XML exponential entity expansion, a different vulnerability than CVE-2021-37425.
CVE-2010-5273 1 Altova 1 Diffdog 2011 2013-01-03 6.9 MEDIUM N/A
Untrusted search path vulnerability in Altova DiffDog 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .dbdif file. NOTE: some of these details are obtained from third party information.
CVE-2010-5271 1 Altova 1 Mapforce 2012-09-07 6.9 MEDIUM N/A
Untrusted search path vulnerability in Altova MapForce 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .mfd file. NOTE: some of these details are obtained from third party information.
CVE-2010-5272 1 Altova 1 Databasespy 2011 2012-09-07 6.9 MEDIUM N/A
Untrusted search path vulnerability in Altova DatabaseSpy 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .qprj file. NOTE: some of these details are obtained from third party information.