CVE-2020-36994
- EPSS 0.02%
- Veröffentlicht 29.01.2026 14:28:25
- Zuletzt bearbeitet 29.01.2026 16:31:00
QlikView 12.50.20000.0 contains a denial of service vulnerability in the FTP server address input field that allows local attackers to crash the application. Attackers can paste a 300-character buffer into the FTP server address field to trigger an a...
CVE-2024-29863
- EPSS 2.72%
- Veröffentlicht 05.04.2024 07:15:11
- Zuletzt bearbeitet 21.11.2024 09:08:29
A race condition in the installer executable in Qlik Qlikview before versions May 2022 SR3 (12.70.20300) and May 2023 SR2 (12,80.20200) may allow an existing lower privileged user to cause code to be executed in the context of a Windows Administrator...
CVE-2022-42248
- EPSS 0.09%
- Veröffentlicht 06.03.2023 22:15:09
- Zuletzt bearbeitet 06.03.2025 17:15:13
QlikView 12.60.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the QvsViewClient functionality.
CVE-2021-41989
- EPSS 0.04%
- Veröffentlicht 26.01.2023 21:15:24
- Zuletzt bearbeitet 01.04.2025 14:15:16
Qlik QlikView through 12.60.20100.0 creates a Temporary File in a Directory with Insecure Permissions.
CVE-2015-3623
- EPSS 4.2%
- Veröffentlicht 16.09.2015 18:59:02
- Zuletzt bearbeitet 12.04.2025 10:46:40
XML external entity (XXE) vulnerability in QlikTech Qlikview before 11.20 SR12 allows remote attackers to conduct server-side request forgery (SSRF) attacks and read arbitrary files via crafted XML data in a request to AccessPoint.aspx.