Lucene search
K

295 matches found

OSV
OSV
added 2025/01/23 11:15 a.m.6 views

CVE-2025-0619

Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords...

4.9CVSS5.8AI score0.00408EPSS
Exploits0References2
OSV
OSV
added 2025/01/23 11:15 a.m.6 views

CVE-2025-0635

Denial of service condition in M-Files Server in versions before 25.1.14445.5 allows an unauthenticated user to consume computing resources in certain conditions...

7.5CVSS5.8AI score0.00515EPSS
Exploits0References2
NVD
NVD
added 2025/01/23 11:15 a.m.11 views

CVE-2025-0619

Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords...

4.9CVSS0.00408EPSS
Exploits0References2
NVD
NVD
added 2025/01/23 11:15 a.m.13 views

CVE-2025-0635

Denial of service condition in M-Files Server in versions before 25.1.14445.5 allows an unauthenticated user to consume computing resources in certain conditions...

7.5CVSS0.00515EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/23 11:7 a.m.35 views

CVE-2025-0635 Denial of Service condition in M-Files Server

Denial of service condition in M-Files Server in versions before 25.1.14445.5 allows an unauthenticated user to consume computing resources in certain conditions...

6.3CVSS0.00515EPSS
Exploits0References2
CVE
CVE
added 2025/01/23 11:7 a.m.59 views

CVE-2025-0635

CVE-2025-0635 affects M-Files Server, where an unauthenticated client can cause a denial of service in versions prior to 25.1.14445.5. The issue is triggered under certain conditions and impacts availability; exploitation details are not provided in the documents. Remediation: upgrade to 25.1.144...

7.5CVSS7AI score0.00515EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/23 11:7 a.m.8 views

CVE-2025-0635 Denial of Service condition in M-Files Server

Denial of service condition in M-Files Server in versions before 25.1.14445.5 allows an unauthenticated user to consume computing resources in certain conditions...

6.3CVSS6.6AI score0.00515EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/23 11:7 a.m.29 views

CVE-2025-0619 Unsafe stored password recovery

Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords...

4.6CVSS0.00408EPSS
Exploits0References2
CVE
CVE
added 2025/01/23 11:7 a.m.61 views

CVE-2025-0619

The CVE-2025-0619 entry concerns M-Files Server prior to version 25.1, where unsafe password recovery from configuration allows a highly privileged user to recover external connector passwords. The issue’s root cause is improper handling of password recovery settings in configuration, enabling ac...

4.9CVSS7AI score0.00408EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/23 11:7 a.m.8 views

CVE-2025-0619 Unsafe stored password recovery

Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords...

4.6CVSS6.6AI score0.00408EPSS
Exploits0References2
CVE
CVE
added 2025/01/23 11:6 a.m.45 views

CVE-2025-0648

CVE-2025-0648 affects M-Files Server prior to 25.1.14445.5 and prior to 24.8 LTS SR3. A highly privileged attacker can cause a denial of service by changing configuration, triggering an unexpected crash in the database driver. Remediation: upgrade to 25.1.14445.5 or newer, or to 24.8 LTS SR3 or n...

5.9CVSS6.4AI score0.00498EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/01/23 11:6 a.m.22 views

CVE-2025-0648 M-Files Server crash via EOT database driver configuration

Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change...

5.9CVSS0.00498EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/23 11:6 a.m.4 views

CVE-2025-0648 M-Files Server crash via EOT database driver configuration

Unexpected server crash in database driver in M-Files Server before 25.1.14445.5 and before 24.8 LTS SR3 allows a highly privileged attacker to cause denial of service via configuration change...

5.9CVSS6.4AI score0.00498EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/23 12:0 a.m.5 views

M-Files Server 安全漏洞

M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server versions prior to 25.1.14445.5. An attacker exploiting this vulnerability could cause a denial of service by changing the configuration...

5.9CVSS6.4AI score0.00498EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/01/23 12:0 a.m.7 views

M-Files Server 安全漏洞

M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in versions of M-Files Server prior to 25.1, which stems from allowing insecure passwords to be set. An attacker could exploit the vulnerability to recover external connector passwords...

4.9CVSS6.6AI score0.00408EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/23 12:0 a.m.6 views

PT-2025-3991 · M Files · M-Files Server

Name of the Vulnerable Software and Affected Versions: M-Files Server versions prior to 25.1.14445.5 Description: The condition in M-Files Server allows an unauthenticated user to consume computing resources in certain conditions. This issue can lead to a denial of service. Recommendations: For...

6.3CVSS7.3AI score0.00515EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/01/23 12:0 a.m.6 views

M-Files Server 安全漏洞

M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server versions prior to 25.1.14445.5. An attacker can exploit the vulnerability to consume computational resources...

7.5CVSS6.6AI score0.00515EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.14 views

The vulnerability of the M-Files Server platform for automating document processing in Windows operating systems stems from deficiencies in the authentication process. This allows attackers to bypass the authentication process and gain increased privileges.

The vulnerability of the M-Files Server platform for automating document processing in Windows operating systems is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process and gain increased privileges...

10CVSS5.5AI score0.00597EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2024/11/20 9:15 a.m.3 views

CVE-2024-10127

Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11 supported usage of OpenLDAP configurations that allowed user authentication without a password when the LDAP server itself had the vulnerable configuration...

9.8CVSS5.4AI score0.00597EPSS
Exploits0References3
NVD
NVD
added 2024/11/20 9:15 a.m.14 views

CVE-2024-10127

Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11 supported usage of OpenLDAP configurations that allowed user authentication without a password when the LDAP server itself had the vulnerable configuration...

9.8CVSS0.00597EPSS
Exploits0References2
Rows per page
Query Builder