Lucene search
K

69 matches found

Vulnrichment
Vulnrichment
added 2022/10/31 8:9 p.m.7 views

CVE-2022-39018 Broken access controls on PDFtron data in M-Files Hubshare

Broken access controls on PDFtron data in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to access restricted PDF files via a known URL...

8.2CVSS8.1AI score0.00384EPSS
Exploits0References1
CVE
CVE
added 2022/10/31 8:9 p.m.73 views

CVE-2022-39018

The vulnerability CVE-2022-39018 affects M-Files Hubshare prior to 3.3.11.3, where broken access controls on PDFtron data allow unauthenticated users to access restricted PDF files via a known URL. Affected component: PDFtron data within Hubshare; root cause: inadequate access control enforcement...

8.2CVSS7.7AI score0.00384EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/10/31 8:9 p.m.22 views

CVE-2022-39018 Broken access controls on PDFtron data in M-Files Hubshare

Broken access controls on PDFtron data in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to access restricted PDF files via a known URL...

8.2CVSS8.3AI score0.00384EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/31 8:9 p.m.9 views

CVE-2022-39019 Broken access controls on PDFtron WebviewerUI in M-Files Hubshare

Broken access controls on PDFtron WebviewerUI in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to upload malicious files to the application server...

6.3CVSS7.6AI score0.00369EPSS
Exploits0References1
CVE
CVE
added 2022/10/31 8:9 p.m.62 views

CVE-2022-39019

CVE-2022-39019 affects M-Files Hubshare prior to 3.3.11.3, with broken access controls in PDFtron WebviewerUI allowing unauthenticated attackers to upload malicious files to the application server. Multiple sources (NVD, CVE listings, PT-SECURITY) corroborate the issue and version range. The root...

7.5CVSS6.9AI score0.00369EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/10/31 8:9 p.m.14 views

CVE-2022-39019 Broken access controls on PDFtron WebviewerUI in M-Files Hubshare

Broken access controls on PDFtron WebviewerUI in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to upload malicious files to the application server...

6.3CVSS7.8AI score0.00369EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/10/31 8:6 p.m.27 views

CVE-2022-39016 Javascript injection in PDFtron in M-Files Hubshare

Javascript injection in PDFtron in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to perform an account takeover via a crafted PDF upload...

8.2CVSS8.7AI score0.00491EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/31 8:6 p.m.8 views

CVE-2022-39016 Javascript injection in PDFtron in M-Files Hubshare

Javascript injection in PDFtron in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to perform an account takeover via a crafted PDF upload...

8.2CVSS6.9AI score0.00491EPSS
Exploits0References1
CVE
CVE
added 2022/10/31 8:6 p.m.77 views

CVE-2022-39016

The CVE-2022-39016 issue affects M‑Files Hubshare prior to 3.3.10.9, where a Javascript injection in PDFtron enables an authenticated attacker to perform an account takeover via a crafted PDF upload. Impact is described as takeover with high confidentiality, integrity, and availability implicatio...

8.8CVSS8.4AI score0.00491EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/10/31 12:0 a.m.4 views

M-Files Hubshare 安全漏洞

M-Files Hubshare is a collaboration solution from M-Files, Inc. designed to seamlessly share files, documents and collaborative content. A security vulnerability exists in M-Files Hubshare versions prior to 3.3.11.3, which stems from poor access control in its PDFtron WebviewerUI allowing...

7.5CVSS7.3AI score0.00369EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/10/31 12:0 a.m.3 views

PT-2022-24675 · M Files +1 · M-Files Hubshare +1

Name of the Vulnerable Software and Affected Versions: M-Files Hubshare versions prior to 3.3.11.3 Description: The issue concerns broken access controls on PDFtron WebviewerUI in M-Files Hubshare, allowing unauthenticated attackers to upload malicious files to the application server...

7.5CVSS7.6AI score0.00369EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/31 12:0 a.m.2 views

M-Files Hubshare 注入漏洞

M-Files Hubshare is a collaboration solution from M-Files, Inc. designed to seamlessly share files, documents and collaborative content. A security vulnerability exists in M-Files Hubshare versions prior to 3.3.10.9, which stems from a vulnerability in its PDFtron that allows an authenticated...

8.8CVSS7.9AI score0.00491EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/08/22 12:0 a.m.12 views

The vulnerability of PDFTron software components, used by Autodesk for modeling, design, and drafting, allows a hacker to execute arbitrary code.

The vulnerability of PDFTron software components, used by Autodesk for modeling, design, and drawing tasks, involves unlimited distribution of resources. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during PDF file analysis...

9.3CVSS7.7AI score0.00727EPSS
Exploits0References3Affected Software12
NVD
NVD
added 2022/06/21 3:15 p.m.23 views

CVE-2022-27871

Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code...

7.8CVSS0.00727EPSS
Exploits0References1
OSV
OSV
added 2022/06/21 3:15 p.m.2 views

CVE-2022-27871

Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code...

7.8CVSS6.2AI score0.00727EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/21 3:15 p.m.2 views

CVE-2022-27871

Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code...

7.8CVSS7.4AI score0.00727EPSS
Exploits0References2
Prion
Prion
added 2022/06/21 3:15 p.m.27 views

Code injection

Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code...

6.8CVSS8AI score0.00727EPSS
Exploits0References1Affected Software14
Cvelist
Cvelist
added 2022/06/21 2:23 p.m.27 views

CVE-2022-27871

Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code...

8.2AI score0.00727EPSS
Exploits0References1
CVE
CVE
added 2022/06/21 2:23 p.m.72 views

CVE-2022-27871

CVE-2022-27871 affects Autodesk AutoCAD product suite, Revit, Design Review and Navisworks when using PDFTron prior to 9.1.17. The root cause is a boundary error while parsing PDF files, which can allow writing beyond the allocated buffer. This may enable arbitrary code execution on the affected ...

7.8CVSS8AI score0.00727EPSS
Exploits0References1Affected Software14
NVD
NVD
added 2022/04/19 9:15 p.m.21 views

CVE-2022-27527

A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files. It was fixed in PDFTron earlier than 9.0.7 version in Autodesk Navisworks 2022, and 2020...

7.8CVSS0.00483EPSS
Exploits0References1
Rows per page
Query Builder