This page lists publicly disclosed CVE vulnerabilities affecting qlik qlikview (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2020-36994 | QlikView 12.50.20000.0 contains a denial of service vulnerability in the FTP server address input field that allows local attackers to crash the application. Attackers can paste a 300-character buffer into the FTP server address field to trigger an application crash and prevent normal functionality. | [email protected] | 4.6 | 0.17% | 2026-01-29 | 2026-06-16 |
| CVE-2022-42248 | QlikView 12.60.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the QvsViewClient functionality. | [email protected] | 5.4 | 0.38% | 2023-03-06 | 2026-06-17 |
| CVE-2021-41989 | Qlik QlikView through 12.60.20100.0 creates a Temporary File in a Directory with Insecure Permissions. | [email protected] | 7.8 | 0.30% | 2023-01-26 | 2026-06-17 |
| CVE-2015-3623 | XML external entity (XXE) vulnerability in QlikTech Qlikview before 11.20 SR12 allows remote attackers to conduct server-side request forgery (SSRF) attacks and read arbitrary files via crafted XML data in a request to AccessPoint.aspx. | [email protected] | 6.4 | 15.76% | 2015-09-16 | 2026-06-16 |