295 matches found
CVE-2025-3086
Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service...
CVE-2025-3086
Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service...
CVE-2025-3086
Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service...
CVE-2025-3086
CVE-2025-3086 affects M-Files Server prior to 25.3.14549. The issue is improper isolation of users, enabling an anonymous user to affect other anonymous users’ views and potentially cause a denial of service. Affected product: M-Files Server. Root cause: improper user isolation between anonymous ...
CVE-2025-3086 User in anonymous role could create and delete views
Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service...
CVE-2025-3086 User in anonymous role could create and delete views
Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service...
CVE-2025-2159
Stored XSS in Desktop UI in M-Files Server Admin tool before version 25.3.14681.7 on Windows allows authenticated local user to run scripts via UI...
CVE-2025-2159
Stored XSS in Desktop UI in M-Files Server Admin tool before version 25.3.14681.7 on Windows allows authenticated local user to run scripts via UI...
CVE-2025-2159
CVE-2025-2159 affects M-Files Server Admin Tool Desktop UI prior to version 25.3.14681.7 on Windows. The issue is a stored XSS in the Desktop UI that allows an authenticated local user to execute scripts via the UI. Impact is limited to the Desktop UI component; exploitation requires local authen...
PT-2025-14856 · M Files · M-Files Server
Name of the Vulnerable Software and Affected Versions: M-Files Server versions prior to 25.3.14549 Description: The issue is related to improper isolation of users, allowing an anonymous user to affect other anonymous users' views and potentially cause a denial of service. This could lead to...
M-Files Server 安全漏洞
M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server versions prior to 25.3.14549 that stems from improper user isolation and could result in a denial of service...
M-Files Server 安全漏洞
M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server versions prior to 25.3.14681.7, which stems from stored cross-site scripting and could lead to script execution by a local user...
PT-2025-14853 · M Files · M-Files Server Admin Tool
Name of the Vulnerable Software and Affected Versions: M-Files Server Admin tool versions prior to 25.3.14681.7 Description: The issue concerns a stored XSS in the desktop UI of the M-Files Server Admin tool. This allows authenticated local users to execute scripts through the UI. Recommendations...
The vulnerability of the M-Files Server platform, which is related to the use of files and directories accessible to external parties, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the M-Files Server platform for document automation involves the use of files and directories accessible to external parties. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
CVE-2025-0648
Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change...
CVE-2025-0648
Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change...
CVE-2025-0648
Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change...
CVE-2025-0648
Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change...
CVE-2025-0619
Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords...
CVE-2025-0635
Denial of service condition in M-Files Server in versions before 25.1.14445.5 allows an unauthenticated user to consume computing resources in certain conditions...