Lucene search
K

295 matches found

ATTACKERKB
ATTACKERKB
added 2025/04/04 7:15 a.m.3 views

CVE-2025-3086

Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service...

7.1CVSS5.4AI score0.00392EPSS
Exploits0References3
NVD
NVD
added 2025/04/04 7:15 a.m.23 views

CVE-2025-3086

Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service...

7.1CVSS0.00392EPSS
Exploits0References2
OSV
OSV
added 2025/04/04 7:15 a.m.7 views

CVE-2025-3086

Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service...

7.1CVSS5.8AI score0.00392EPSS
Exploits0References2
CVE
CVE
added 2025/04/04 6:37 a.m.63 views

CVE-2025-3086

CVE-2025-3086 affects M-Files Server prior to 25.3.14549. The issue is improper isolation of users, enabling an anonymous user to affect other anonymous users’ views and potentially cause a denial of service. Affected product: M-Files Server. Root cause: improper user isolation between anonymous ...

7.1CVSS7.1AI score0.00392EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/04/04 6:37 a.m.29 views

CVE-2025-3086 User in anonymous role could create and delete views

Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service...

6.3CVSS0.00392EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/04 6:37 a.m.11 views

CVE-2025-3086 User in anonymous role could create and delete views

Improper isolation of users in M-Files Server version before 25.3.14549 allows anonymous user to affect other anonymous users views and possibly cause a denial of service...

6.3CVSS7.1AI score0.00392EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/04/04 6:15 a.m.4 views

CVE-2025-2159

Stored XSS in Desktop UI in M-Files Server Admin tool before version 25.3.14681.7 on Windows allows authenticated local user to run scripts via UI...

5.1CVSS5.3AI score0.0021EPSS
Exploits0References3
NVD
NVD
added 2025/04/04 6:15 a.m.13 views

CVE-2025-2159

Stored XSS in Desktop UI in M-Files Server Admin tool before version 25.3.14681.7 on Windows allows authenticated local user to run scripts via UI...

5.1CVSS0.0021EPSS
Exploits0References2
CVE
CVE
added 2025/04/04 6:6 a.m.55 views

CVE-2025-2159

CVE-2025-2159 affects M-Files Server Admin Tool Desktop UI prior to version 25.3.14681.7 on Windows. The issue is a stored XSS in the Desktop UI that allows an authenticated local user to execute scripts via the UI. Impact is limited to the Desktop UI component; exploitation requires local authen...

5.1CVSS5.8AI score0.0021EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/04 12:0 a.m.5 views

PT-2025-14856 · M Files · M-Files Server

Name of the Vulnerable Software and Affected Versions: M-Files Server versions prior to 25.3.14549 Description: The issue is related to improper isolation of users, allowing an anonymous user to affect other anonymous users' views and potentially cause a denial of service. This could lead to...

6.3CVSS6.2AI score0.00392EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/04/04 12:0 a.m.5 views

M-Files Server 安全漏洞

M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server versions prior to 25.3.14549 that stems from improper user isolation and could result in a denial of service...

7.1CVSS6.5AI score0.00392EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/04 12:0 a.m.3 views

M-Files Server 安全漏洞

M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server versions prior to 25.3.14681.7, which stems from stored cross-site scripting and could lead to script execution by a local user...

5.1CVSS5.8AI score0.0021EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/04 12:0 a.m.5 views

PT-2025-14853 · M Files · M-Files Server Admin Tool

Name of the Vulnerable Software and Affected Versions: M-Files Server Admin tool versions prior to 25.3.14681.7 Description: The issue concerns a stored XSS in the desktop UI of the M-Files Server Admin tool. This allows authenticated local users to execute scripts through the UI. Recommendations...

5.1CVSS5.5AI score0.0021EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2025/03/03 12:0 a.m.7 views

The vulnerability of the M-Files Server platform, which is related to the use of files and directories accessible to external parties, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the M-Files Server platform for document automation involves the use of files and directories accessible to external parties. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

5.3CVSS5.5AI score0.00374EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/17 1:28 p.m.8 views

CVE-2025-0648

Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change...

5.9CVSS6.6AI score0.00498EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/01/23 11:15 a.m.2 views

CVE-2025-0648

Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change...

5.9CVSS5.4AI score0.00498EPSS
Exploits0References3
OSV
OSV
added 2025/01/23 11:15 a.m.4 views

CVE-2025-0648

Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change...

4.9CVSS5.8AI score0.00498EPSS
Exploits0References2
NVD
NVD
added 2025/01/23 11:15 a.m.11 views

CVE-2025-0648

Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change...

5.9CVSS0.00498EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/01/23 11:15 a.m.3 views

CVE-2025-0619

Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords...

4.9CVSS5.3AI score0.00408EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/01/23 11:15 a.m.4 views

CVE-2025-0635

Denial of service condition in M-Files Server in versions before 25.1.14445.5 allows an unauthenticated user to consume computing resources in certain conditions...

7.5CVSS5.3AI score0.00515EPSS
Exploits0References3
Rows per page
Query Builder