Altova : Security Vulnerabilities, CVEs, CVSS score >= 2
Altova MobileTogether Server before 7.3 SP1 allows XML exponential entity expansion, a different vulnerability than CVE-2021-37425.
Max CVSS
7.5
EPSS Score
0.13%
Published
2021-08-10
Updated
2021-08-18
Altova MobileTogether Server before 7.3 SP1 allows XXE attacks, such as an InfoSetChanges/Changes attack against /workflowmanagement, or reading mobiletogetherserver.cfg and then reading the certificate and private key.
Max CVSS
9.1
EPSS Score
3.11%
Published
2021-08-10
Updated
2021-08-18
Untrusted search path vulnerability in Altova DiffDog 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .dbdif file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.04%
Published
2012-09-07
Updated
2013-01-04
Untrusted search path vulnerability in Altova DatabaseSpy 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .qprj file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.04%
Published
2012-09-07
Updated
2012-09-07
Untrusted search path vulnerability in Altova MapForce 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .mfd file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.04%
Published
2012-09-07
Updated
2012-09-07
5 vulnerabilities found