2 matches found
CVE-2025-36603
Dell AppSync 4.6.0.0 contains an Improper Restriction of XML External Entity Reference vulnerability. A low-privilege attacker with local access could exploit this to cause information disclosure and information tampering. Exploitation details are not provided in the documents. References indicat...
CVE-2025-32744
Dell AppSync 4.6.0.0 contains an Unrestricted Upload of File with Dangerous Type vulnerability that could allow remote code execution by a high-privilege attacker with remote access. The issue stems from insufficient validation of uploaded files. A security update/ advisory (DSA-2025-277) is avai...