Appsync
This hub aggregates every CVE we track for Appsync, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
16
CVEs tracked
1
Critical
8
High
0
In CISA KEV
Severity distribution
HIGH8MEDIUM6LOW1CRITICAL1
Monthly trend
0
0
1
0
1
0
0
0
0
0
0
2
0
0
0
0
0
0
0
0
2
0
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Appsync.
- CVE-2026-22768Dell AppSync, version(s) 4.6.0, contain(s) an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnera...7.3
- CVE-2026-22767Dell AppSync, version(s) 4.6.0, contain(s) an UNIX Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading...7.3
- CVE-2025-32744Dell AppSync, version(s) 4.6.0.0, contains an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerabili...6.6
- CVE-2025-36603Dell AppSync, version(s) 4.6.0.0, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with local access could potentially exploit this vulnera...4.2
- CVE-2024-52542Dell AppSync, version 4.6.0.x, contain a Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to inform...4.4
- CVE-2024-39586Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability. An adjacent high privileged attacker could potentially exploit this vulnerability, leading to ...2.9
- CVE-2024-22464 Dell EMC AppSync, versions from 4.2.0.0 to 4.6.0.0 including all Service Pack releases, contain an exposure of sensitive information vulnerability in AppSync server logs. A high privileged remote ...6.2
- CVE-2023-32458 Dell AppSync, versions 4.4.0.0 to 4.6.0.0 including Service Pack releases, contains an improper access control vulnerability in Embedded Service Enabler component. A local malicious user could pot...7.3
- CVE-2022-24424Dell EMC AppSync versions from 3.9 to 4.3 contain a path traversal vulnerability in AppSync server. A remote unauthenticated attacker may potentially exploit this vulnerability to gain unauthorized...7.5
- CVE-2022-22553Dell EMC AppSync versions 3.9 to 4.3 contain an Improper Restriction of Excessive Authentication Attempts Vulnerability that can be exploited from UI and CLI. An adjacent unauthenticated attacker c...8.1
- CVE-2022-22552Dell EMC AppSync versions 3.9 to 4.3 contain a clickjacking vulnerability in AppSync. A remote unauthenticated attacker could potentially exploit this vulnerability to trick the victim into executi...6.9
- CVE-2022-22551DELL EMC AppSync versions 3.9 to 4.3 use GET request method with sensitive query strings. An Adjacent, unauthenticated attacker could potentially exploit this vulnerability, and hijack the victim s...8.3
- CVE-2017-14376EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system.7.8
- CVE-2017-8018EMC AppSync host plug-in versions 3.5 and below (Windows platform only) includes a denial of service (DoS) vulnerability that could potentially be exploited by malicious users to compromise the aff...7.5
- CVE-2017-8015EMC AppSync (all versions prior to 3.5) contains a SQL injection vulnerability that could potentially be exploited by malicious users to compromise the affected system.9.8
Product normalization is registry-driven with AI assist and human review. How it works