177 matches found
CVE-2023-42955
Claris International has successfully resolved an issue of potentially exposing password information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by eliminating the send of Admin Role passwords in the...
CVE-2023-42920
Claris International has fixed a dylib hijacking vulnerability in the FileMaker Pro.app and Claris Pro.app versions on macOS...
CVE-2013-2319
FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2013-3640
Cross-site scripting XSS vulnerability in the Instant Web Publish function in FileMaker Pro before 12 and Pro Advanced before 12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2024-27790
Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server. This issue has been fixed in FileMaker Server 20.3.2 by validating transactions before replying to client requests...
CVE-2024-27790
Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server. This issue has been fixed in FileMaker Server 20.3.2 by validating transactions before replying to client requests...
CVE-2023-42955
Claris International has successfully resolved an issue of potentially exposing password information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by eliminating the send of Admin Role passwords in the...
CVE-2023-42955
Claris International has successfully resolved an issue of potentially exposing password information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by eliminating the send of Admin Role passwords in the...
FileMaker Server 安全漏洞
FileMaker Server is an enterprise-class database server software from FileMaker, Inc. for managing and sharing FileMaker databases. A security vulnerability exists in FileMaker Server versions prior to 20.3.1. An attacker can exploit the vulnerability to obtain passwords...
FileMaker Server 安全漏洞
FileMaker Server is an enterprise-class database server software from FileMaker, Inc. for managing and sharing FileMaker databases. A security vulnerability exists in Claris FileMaker Server versions prior to 20.3.2 that stems from allowing unauthorized access to storage...
CVE-2024-27790
Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server. This issue has been fixed in FileMaker Server 20.3.2 by validating transactions before replying to client requests...
CVE-2024-27790
CVE-2024-27790 affects Claris FileMaker Server: an issue that could allow unauthorized access to records stored in databases hosted on the server. The root cause is addressed by validating transactions before replying to client requests, and a fix is available in FileMaker Server 20.3.2. Affected...
CVE-2023-42955
Claris International has successfully resolved an issue of potentially exposing password information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by eliminating the send of Admin Role passwords in the...
CVE-2023-42955
CVE-2023-42955 concerns FileMaker Server prior to 20.3.1, where passwords for the Admin Role could be exposed to front-end websites via the Node.js socket while signed in to the Admin Console with an administrator role. The issue has been fixed in FileMaker Server 20.3.1 by eliminating the sendin...
PT-2024-22034 · Clarisa · Filemaker Server
Name of the Vulnerable Software and Affected Versions: FileMaker Server versions prior to 20.3.2 Description: The issue potentially allowed unauthorized access to records stored in databases hosted on FileMaker Server. This was resolved by validating transactions before replying to client request...
PT-2024-13068 · Clarisa · Filemaker Server
Name of the Vulnerable Software and Affected Versions: FileMaker Server versions prior to 20.3.1 Description: The issue potentially exposed password information to front-end websites when signed in to the Admin Console with an administrator role. This was resolved by eliminating the send of Admin...
CVE-2024-27794
Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker WebDirect login endpoint. The vulnerability was resolved in FileMaker Server 20.3.2 by escaping the HTML contents of the login...
CVE-2024-27794
Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker WebDirect login endpoint. The vulnerability was resolved in FileMaker Server 20.3.2 by escaping the HTML contents of the login...
CVE-2024-27794
CVE-2024-27794 affects Claris FileMaker Server versions prior to 20.3.2. The issue is a reflected Cross-Site Scripting vulnerability caused by an improperly handled parameter in the FileMaker WebDirect login endpoint. The impact is a potential XSS via the login flow; the fix is to upgrade to File...
CVE-2024-27794
Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker WebDirect login endpoint. The vulnerability was resolved in FileMaker Server 20.3.2 by escaping the HTML contents of the login...