69 matches found
CVE-2022-39018 Broken access controls on PDFtron data in M-Files Hubshare
Broken access controls on PDFtron data in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to access restricted PDF files via a known URL...
CVE-2022-39018
The vulnerability CVE-2022-39018 affects M-Files Hubshare prior to 3.3.11.3, where broken access controls on PDFtron data allow unauthenticated users to access restricted PDF files via a known URL. Affected component: PDFtron data within Hubshare; root cause: inadequate access control enforcement...
CVE-2022-39018 Broken access controls on PDFtron data in M-Files Hubshare
Broken access controls on PDFtron data in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to access restricted PDF files via a known URL...
CVE-2022-39019 Broken access controls on PDFtron WebviewerUI in M-Files Hubshare
Broken access controls on PDFtron WebviewerUI in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to upload malicious files to the application server...
CVE-2022-39019
CVE-2022-39019 affects M-Files Hubshare prior to 3.3.11.3, with broken access controls in PDFtron WebviewerUI allowing unauthenticated attackers to upload malicious files to the application server. Multiple sources (NVD, CVE listings, PT-SECURITY) corroborate the issue and version range. The root...
CVE-2022-39019 Broken access controls on PDFtron WebviewerUI in M-Files Hubshare
Broken access controls on PDFtron WebviewerUI in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to upload malicious files to the application server...
CVE-2022-39016 Javascript injection in PDFtron in M-Files Hubshare
Javascript injection in PDFtron in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to perform an account takeover via a crafted PDF upload...
CVE-2022-39016 Javascript injection in PDFtron in M-Files Hubshare
Javascript injection in PDFtron in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to perform an account takeover via a crafted PDF upload...
CVE-2022-39016
The CVE-2022-39016 issue affects M‑Files Hubshare prior to 3.3.10.9, where a Javascript injection in PDFtron enables an authenticated attacker to perform an account takeover via a crafted PDF upload. Impact is described as takeover with high confidentiality, integrity, and availability implicatio...
M-Files Hubshare 安全漏洞
M-Files Hubshare is a collaboration solution from M-Files, Inc. designed to seamlessly share files, documents and collaborative content. A security vulnerability exists in M-Files Hubshare versions prior to 3.3.11.3, which stems from poor access control in its PDFtron WebviewerUI allowing...
PT-2022-24675 · M Files +1 · M-Files Hubshare +1
Name of the Vulnerable Software and Affected Versions: M-Files Hubshare versions prior to 3.3.11.3 Description: The issue concerns broken access controls on PDFtron WebviewerUI in M-Files Hubshare, allowing unauthenticated attackers to upload malicious files to the application server...
M-Files Hubshare 注入漏洞
M-Files Hubshare is a collaboration solution from M-Files, Inc. designed to seamlessly share files, documents and collaborative content. A security vulnerability exists in M-Files Hubshare versions prior to 3.3.10.9, which stems from a vulnerability in its PDFtron that allows an authenticated...
The vulnerability of PDFTron software components, used by Autodesk for modeling, design, and drafting, allows a hacker to execute arbitrary code.
The vulnerability of PDFTron software components, used by Autodesk for modeling, design, and drawing tasks, involves unlimited distribution of resources. Exploiting this vulnerability allows a malicious actor to execute arbitrary code during PDF file analysis...
CVE-2022-27871
Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code...
CVE-2022-27871
Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code...
CVE-2022-27871
Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code...
Code injection
Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code...
CVE-2022-27871
Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code...
CVE-2022-27871
CVE-2022-27871 affects Autodesk AutoCAD product suite, Revit, Design Review and Navisworks when using PDFTron prior to 9.1.17. The root cause is a boundary error while parsing PDF files, which can allow writing beyond the allocated buffer. This may enable arbitrary code execution on the affected ...
CVE-2022-27527
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files. It was fixed in PDFTron earlier than 9.0.7 version in Autodesk Navisworks 2022, and 2020...