Skip to main content

Qlik Sense

6 CVEs product

Monthly

CVE-2025-61138 HIGH This Month

Qlik Sense Enterprise v14.212.13 was discovered to contain an information leak via the /dev-hub/ directory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qlik Sense
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2023-48365 CRITICAL KEV THREAT Act Now

Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Request Smuggling Microsoft Qlik Sense
NVD
CVSS 3.1
9.9
EPSS
24.7%
CVE-2023-41266 MEDIUM POC KEV THREAT This Month

A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Microsoft Qlik Sense
NVD
CVSS 3.1
6.5
EPSS
82.6%
CVE-2023-41265 CRITICAL POC KEV THREAT Act Now

An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier,. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Request Smuggling Microsoft Qlik Sense
NVD
CVSS 3.1
9.9
EPSS
85.0%
CVE-2022-0564 MEDIUM This Month

A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate domain user accounts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Qlik Sense
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2019-11628 MEDIUM This Month

An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11, 12.20 before SR9, and 12.30 before SR2; and Qlik Sense Enterprise and Qlik Analytics Platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Qlikview Server Qlik Analytics Qlik Sense
NVD
CVSS 3.0
6.5
EPSS
1.0%
EPSS 0% CVSS 7.5
HIGH This Month

Qlik Sense Enterprise v14.212.13 was discovered to contain an information leak via the /dev-hub/ directory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qlik Sense
NVD GitHub
EPSS 25% CVSS 9.9
CRITICAL KEV THREAT Act Now

Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Request Smuggling Microsoft +1
NVD
EPSS 83% CVSS 6.5
MEDIUM POC KEV THREAT This Month

A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Microsoft Qlik Sense
NVD
EPSS 85% CVSS 9.9
CRITICAL POC KEV THREAT Act Now

An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier,. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Request Smuggling Microsoft +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate domain user accounts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Qlik Sense
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11, 12.20 before SR9, and 12.30 before SR2; and Qlik Sense Enterprise and Qlik Analytics Platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Qlikview Server Qlik Analytics +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy