Filtered by vendor Altova
Subscribe
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-37425 | 1 Altova | 1 Mobiletogether Server | 2021-08-18 | 6.4 MEDIUM | 9.1 CRITICAL |
Altova MobileTogether Server before 7.3 SP1 allows XXE attacks, such as an InfoSetChanges/Changes attack against /workflowmanagement, or reading mobiletogetherserver.cfg and then reading the certificate and private key. | |||||
CVE-2021-38490 | 1 Altova | 1 Mobiletogether Server | 2021-08-18 | 5.0 MEDIUM | 7.5 HIGH |
Altova MobileTogether Server before 7.3 SP1 allows XML exponential entity expansion, a different vulnerability than CVE-2021-37425. | |||||
CVE-2010-5273 | 1 Altova | 1 Diffdog 2011 | 2013-01-03 | 6.9 MEDIUM | N/A |
Untrusted search path vulnerability in Altova DiffDog 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .dbdif file. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-5271 | 1 Altova | 1 Mapforce | 2012-09-07 | 6.9 MEDIUM | N/A |
Untrusted search path vulnerability in Altova MapForce 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .mfd file. NOTE: some of these details are obtained from third party information. | |||||
CVE-2010-5272 | 1 Altova | 1 Databasespy 2011 | 2012-09-07 | 6.9 MEDIUM | N/A |
Untrusted search path vulnerability in Altova DatabaseSpy 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .qprj file. NOTE: some of these details are obtained from third party information. |