VYPR
Vendor

Altova

Products
5
CVEs
5
Across products
6
Status
Private

Products

5

Recent CVEs

5
  • CVE-2021-37425Aug 10, 2021
    risk 0.04cvss epss 0.66

    Altova MobileTogether Server before 7.3 SP1 allows XXE attacks, such as an InfoSetChanges/Changes attack against /workflowmanagement, or reading mobiletogetherserver.cfg and then reading the certificate and private key.

  • CVE-2021-38490Aug 10, 2021
    risk 0.00cvss epss 0.01

    Altova MobileTogether Server before 7.3 SP1 allows XML exponential entity expansion, a different vulnerability than CVE-2021-37425.

  • CVE-2010-5273Sep 7, 2012
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in Altova DiffDog 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .dbdif file. NOTE: some of these details…

  • CVE-2010-5272Sep 7, 2012
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in Altova DatabaseSpy 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .qprj file. NOTE: some of these…

  • CVE-2010-5271Sep 7, 2012
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in Altova MapForce 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .mfd file. NOTE: some of these details…