Vulnerabilities > Altova
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-10 | CVE-2021-37425 | XXE vulnerability in Altova Mobiletogether Server 7.3 Altova MobileTogether Server before 7.3 SP1 allows XXE attacks, such as an InfoSetChanges/Changes attack against /workflowmanagement, or reading mobiletogetherserver.cfg and then reading the certificate and private key. | 6.4 |
| 2021-08-10 | CVE-2021-38490 | XML Entity Expansion vulnerability in Altova Mobiletogether Server 7.3 Altova MobileTogether Server before 7.3 SP1 allows XML exponential entity expansion, a different vulnerability than CVE-2021-37425. | 5.0 |
| 2012-09-07 | CVE-2010-5273 | Unspecified vulnerability in Altova Diffdog 2011 Untrusted search path vulnerability in Altova DiffDog 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .dbdif file. local altova | 6.9 |
| 2012-09-07 | CVE-2010-5272 | Unspecified vulnerability in Altova Databasespy 2011 Untrusted search path vulnerability in Altova DatabaseSpy 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .qprj file. local altova | 6.9 |
| 2012-09-07 | CVE-2010-5271 | Unspecified vulnerability in Altova Mapforce 2011 Untrusted search path vulnerability in Altova MapForce 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .mfd file. local altova | 6.9 |