Lucene search
K

568 matches found

0day.today
0day.today
added 2021/12/04 12:0 a.m.476 views

M-Files Web Denial Of Service Vulnerability

M-Files Web versions prior to 20.10.9524.1 and M-Files Web versions prior to 20.10.9445.0 contain an improper range header processing vulnerability. A remote unauthenticated attacker may send crafted requests with overlapping ranges via HTTP requests with a specially-crafted Range or Request-Rang...

7.5CVSS0.7AI score0.02837EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2021/12/03 12:0 a.m.6 views

PT-2021-21591 · M Files · M-Files Web

Name of the Vulnerable Software and Affected Versions: M-Files Web versions prior to 20.10.9524.1 Description: The issue allows a denial of service via overlapping ranges in HTTP requests with crafted Range or Request-Range headers. It is disputed because the range behavior is the responsibility ...

7.8CVSS7.3AI score0.02837EPSS
Exploits3References14
CNNVD
CNNVD
added 2021/12/03 12:0 a.m.5 views

M-Files Corporation M-Files Web 环境问题漏洞

M-Files Corporation M-Files Web is an intelligent information management platform from M-Files Corporation, USA. It is used to optimally support users in their daily work. A security vulnerability exists in M-Files Web that originates from M-Files Web allowing denial of service via overlapping...

7.8CVSS5.6AI score0.02837EPSS
Exploits3References8
Packet Storm
Packet Storm
added 2021/12/03 12:0 a.m.493 views

M-Files Web Denial Of Service

I. SUMMARY ============================================================================================================================================================= Title: M-Files Web Improper Range Header Processing Denial of Services DoS Vulnerability Product: M-Files Web version before...

7.6AI score0.02837EPSS
Exploits3
Prion
Prion
added 2021/10/28 2:15 p.m.15 views

Design/Logic Flaw

In M-Files Web product with versions before 20.10.9524.1 and 20.10.9445.0, a remote attacker could use a flaw to obtain unauthenticated access to 3rd party component license key information on server...

5CVSS7.4AI score0.01302EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/10/28 1:7 p.m.51 views

CVE-2021-37254

CVE-2021-37254 affects M-Files Web prior to 20.10.9524.1 and 20.10.9445.0. A remote attacker could obtain unauthenticated access to license key information for third‑party components stored on the server. Root cause and exact exploitation details are not provided in the documents. No remediation ...

7.5CVSS7.3AI score0.01302EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/10/28 1:7 p.m.29 views

CVE-2021-37254

In M-Files Web product with versions before 20.10.9524.1 and 20.10.9445.0, a remote attacker could use a flaw to obtain unauthenticated access to 3rd party component license key information on server...

7.6AI score0.01302EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/10/28 12:0 a.m.7 views

M-Files Web 授权问题漏洞

M-Files Corporation M-Files Web is an intelligent information management platform from M-Files Corporation, USA. M-Files Web is an intelligent information management platform from M-Files Corporation, Inc. that is used to optimally support users in their daily work. A security vulnerability exist...

7.5CVSS7.4AI score0.01302EPSS
Exploits0References4
Rows per page
Query Builder