Lucene search
K

295 matches found

EUVD
EUVD
added 2026/01/21 10:29 a.m.3 views

EUVD-2026-3685

Denial-of-service vulnerability in M-Files Server versions before 26.1.15632.3 allows an authenticated attacker with vault administrator privileges to crash the M-Files Server process by calling a vulnerable API endpoint...

6.9CVSS5.5AI score0.00374EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/21 10:29 a.m.4 views

CVE-2026-0663 Denial of Service condition in M-Files Server

Denial-of-service vulnerability in M-Files Server versions before 26.1.15632.3 allows an authenticated attacker with vault administrator privileges to crash the M-Files Server process by calling a vulnerable API endpoint...

6.9CVSS5.5AI score0.00374EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/21 10:29 a.m.3 views

CVE-2026-0663

Denial-of-service vulnerability in M-Files Server versions before 26.1.15632.3 allows an authenticated attacker with vault administrator privileges to crash the M-Files Server process by calling a vulnerable API endpoint...

6.9CVSS5.4AI score0.00374EPSS
Exploits0References2
CVE
CVE
added 2026/01/21 10:29 a.m.15 views

CVE-2026-0663

CVE-2026-0663 is a denial-of-service vulnerability in M-Files Server prior to version 26.1.15632.3 . An authenticated attacker with vault administrator privileges can crash the M-Files Server process by calling a vulnerable API endpoint, causing a server availability impact. Public details identi...

6.9CVSS5.5AI score0.00374EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/21 12:0 a.m.8 views

PT-2026-3760

Denial-of-service vulnerability in M-Files Server versions before 26.1.15632.3 allows an authenticated attacker with vault administrator privileges to crash the M-Files Server process by calling a vulnerable API endpoint...

6.9CVSS5.5AI score0.00374EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/21 12:0 a.m.8 views

M-Files Server security vulnerabilities

The M-Files Server is a server belonging to the M-Files company’s M-Files system. Versions of the M-Files Server prior to 26.1.15632.3 had security vulnerabilities. These vulnerabilities stemmed from vulnerable API endpoints, which could allow authenticated attackers to cause the server process t...

6.9CVSS5.8AI score0.00374EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/20 7:11 a.m.5 views

CVE-2025-13008

An information disclosure vulnerability in M-Files Server before versions 25.12.15491.7, 25.8 LTS SR3, 25.2 LTS SR3 and 24.8 LTS SR5 allows an authenticated attacker using M-Files Web to capture session tokens of other active users...

8.6CVSS6.2AI score0.00525EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/19 8:31 a.m.4 views

CVE-2025-14318

Improper access checks in M-Files Server before 25.12.15491.7 allows users to download files through M-Files Web using Web Companion despite Print and Download Prevention module being enabled...

5.3CVSS6.8AI score0.00277EPSS
Exploits0References1
NVD
NVD
added 2025/12/19 7:16 a.m.5 views

CVE-2025-14267

Incomplete removal of sensitive information before transfer vulnerability in M-Files Corporation M-Files Server allows data leak exposure affecting versions before 25.12.15491.7...

5.6CVSS0.00352EPSS
Exploits0References2
OSV
OSV
added 2025/12/19 7:16 a.m.6 views

CVE-2025-14267

Incomplete removal of sensitive information before transfer vulnerability in M-Files Corporation M-Files Server allows data leak exposure affecting versions before 25.12.15491.7...

4.9CVSS5.8AI score0.00352EPSS
Exploits0References2
CVE
CVE
added 2025/12/19 7:4 a.m.10 views

CVE-2025-13008

CVE-2025-13008 describes an information-disclosure vulnerability in M-Files Server where an authenticated attacker using M-Files Web can capture session tokens of other active users. Affected versions include prior to 25.12.15491.7, 25.8 LTS SR3, 25.2 LTS SR3, and 24.8 LTS SR5. The root cause is ...

8.6CVSS5.8AI score0.00525EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/19 7:4 a.m.5 views

EUVD-2025-204468

An information disclosure vulnerability in M-Files Server before versions 25.12.15491.7, 25.8 LTS SR3, 25.2 LTS SR3 and 24.8 LTS SR5 allows an authenticated attacker using M-Files Web to capture session tokens of other active users...

8.6CVSS5.7AI score0.00525EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/19 6:15 a.m.25 views

CVE-2025-14267 Unintended temporary cached data included in a structure only copy intended to be empty of data

Incomplete removal of sensitive information before transfer vulnerability in M-Files Corporation M-Files Server allows data leak exposure affecting versions before 25.12.15491.7...

5.6CVSS0.00352EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/19 6:15 a.m.3 views

CVE-2025-14267 Unintended temporary cached data included in a structure only copy intended to be empty of data

Incomplete removal of sensitive information before transfer vulnerability in M-Files Corporation M-Files Server allows data leak exposure affecting versions before 25.12.15491.7...

5.6CVSS6.2AI score0.00352EPSS
Exploits0References2
CVE
CVE
added 2025/12/19 6:15 a.m.10 views

CVE-2025-14267

CVE-2025-14267 affects M-Files Server prior to version 25.12.15491.7. The issue is incomplete removal of sensitive information before data transfer, enabling potential data-leak exposure. Affected component is the server-side handling of data transfer where sensitive data may remain cached/left b...

5.6CVSS6.2AI score0.00352EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/12/19 6:15 a.m.7 views

EUVD-2025-204453

Incomplete removal of sensitive information before transfer vulnerability in M-Files Corporation M-Files Server allows data leak exposure affecting versions before 25.12.15491.7...

5.6CVSS6AI score0.00352EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/19 12:0 a.m.7 views

PT-2025-52417

Name of the Vulnerable Software and Affected Versions M-Files Server versions prior to 25.12.15491.7 M-Files Server versions 25.8 LTS SR3, 25.2 LTS SR3, and 24.8 LTS SR5 Description An information disclosure issue exists in M-Files Server that could allow an authenticated attacker using M-Files W...

8.6CVSS6.2AI score0.00525EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.4 views

M-Files Server 安全漏洞

M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server that originates from an authenticated attacker being able to capture session tokens of other active users via M-Files Web. The following versions are affected: versions prior to...

8.6CVSS6.6AI score0.00525EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/19 12:0 a.m.5 views

PT-2025-52414

Name of the Vulnerable Software and Affected Versions M-Files versions prior to 25.12.15491.7 Description A flaw exists in M-Files Server that involves the incomplete removal of sensitive information before data transfer, potentially leading to data leak exposure. Recommendations Update to versio...

5.6CVSS6.3AI score0.00352EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.4 views

M-Files Server 安全漏洞

M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server versions prior to 25.12.15491.7, which stems from incomplete removal of sensitive information and could lead to a data leak...

5.6CVSS6.3AI score0.00352EPSS
Exploits0References2
Rows per page
Query Builder