Aggregates CVE and security vulnerability intelligence across all altova-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk xxe and related security problems, affecting vendor surface software deployment and vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-38490 | Altova MobileTogether Server before 7.3 SP1 allows XML exponential entity expansion, a different vulnerability than CVE-2021-37425. | [email protected] | 7.5 | 0.32% | 2021-08-10 | 2024-11-21 |
| CVE-2021-37425 | Altova MobileTogether Server before 7.3 SP1 allows XXE attacks, such as an InfoSetChanges/Changes attack against /workflowmanagement, or reading mobiletogetherserver.cfg and then reading the certificate and private key. | [email protected] | 9.1 | 8.68% | 2021-08-10 | 2024-11-21 |
| CVE-2010-5273 | Untrusted search path vulnerability in Altova DiffDog 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .dbdif file. NOTE: some of these details are obtained from third party information. | [email protected] | 6.9 | 0.07% | 2012-09-07 | 2026-04-29 |
| CVE-2010-5272 | Untrusted search path vulnerability in Altova DatabaseSpy 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .qprj file. NOTE: some of these details are obtained from third party information. | [email protected] | 6.9 | 0.07% | 2012-09-07 | 2026-04-29 |
| CVE-2010-5271 | Untrusted search path vulnerability in Altova MapForce 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .mfd file. NOTE: some of these details are obtained from third party information. | [email protected] | 6.9 | 0.07% | 2012-09-07 | 2026-04-29 |