Lucene search
K

65 matches found

Vulnrichment
Vulnrichment
added 2025/12/16 6:7 p.m.3 views

CVE-2025-46296

An authorization bypass vulnerability in FileMaker Server Admin Console allowed administrator roles with minimal privileges to access administrative features such as viewing license details and downloading application logs. This vulnerability has been fully addressed in FileMaker Server 22.0.4...

6.5AI score0.00142EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/16 6:7 p.m.2 views

CVE-2025-46294

To enhance security, the FileMaker Server 22.0.4 installer now includes an option to disable IIS short filename enumeration by setting NtfsDisable8dot3NameCreation in the Windows registry. This prevents attackers from using the tilde character to discover hidden files and directories. This...

6.3AI score0.00197EPSS
Exploits0References1
CVE
CVE
added 2025/12/16 6:7 p.m.14 views

CVE-2025-46296

CVE-2025-46296 describes an authorization bypass in the FileMaker Server Admin Console that let administrator roles with minimal privileges access administrative features (e.g., viewing license details and downloading application logs). The root cause is insufficient privilege checks as stated in...

5.4CVSS6.5AI score0.00142EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/12/16 6:7 p.m.18 views

CVE-2025-46294

The CVE describes a vulnerability in FileMaker Server relating to IIS short filename enumeration (8.3) that could enable information disclosure. Affected: FileMaker Server, prior to/including version 22.0.4; remediation is addressed in 22.0.4 with an option to disable 8.3 name creation. Root caus...

5.3CVSS6.3AI score0.00197EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.4 views

PT-2025-51765

An authorization bypass vulnerability in FileMaker Server Admin Console allowed administrator roles with minimal privileges to access administrative features such as viewing license details and downloading application logs. This vulnerability has been fully addressed in FileMaker Server 22.0.4...

5.4CVSS6.9AI score0.00142EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.8 views

PT-2025-51764

Name of the Vulnerable Software and Affected Versions Apache Commons Text versions prior to 1.10.0 FileMaker Server versions prior to 22.0.4 Description Apache Commons Text versions prior to 1.10.0 contain interpolation features that could be exploited when applications process untrusted input...

10CVSS7.9AI score0.00919EPSS
Exploits0References17
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.12 views

FileMaker Server 安全漏洞

FileMaker Server is an enterprise-class database server software from FileMaker, Inc. for managing and sharing FileMaker databases. A security vulnerability exists in FileMaker Server that stems from insufficient privilege checking and could lead to elevation of privilege...

5.4CVSS6.7AI score0.00142EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.5 views

FileMaker Server 安全漏洞

FileMaker Server is an enterprise-class database server software from FileMaker, Inc. for managing and sharing FileMaker databases. A security vulnerability exists in FileMaker Server, which stems from the IIS short filename enumeration feature and could lead to information disclosure...

5.3CVSS6.4AI score0.00197EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.5 views

FileMaker Server 安全漏洞

FileMaker Server is an enterprise-class database server software from FileMaker, Inc. for managing and sharing FileMaker databases. A security vulnerability exists in FileMaker Server that stems from improper handling of the Text Replacement API, which could lead to remote code execution...

9.8CVSS7.8AI score0.00919EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:20 a.m.7 views

CVE-2024-27790

Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server. This issue has been fixed in FileMaker Server 20.3.2 by validating transactions before replying to client requests...

7.5CVSS6.7AI score0.00462EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:14 a.m.5 views

CVE-2024-27794

Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker WebDirect login endpoint. The vulnerability was resolved in FileMaker Server 20.3.2 by escaping the HTML contents of the login...

6.1CVSS6.2AI score0.00308EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:22 a.m.10 views

CVE-2023-42954

A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by reducing the information sent in requests...

6.5CVSS6.8AI score0.00447EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:22 a.m.11 views

CVE-2023-42955

Claris International has successfully resolved an issue of potentially exposing password information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by eliminating the send of Admin Role passwords in the...

6.1CVSS6.8AI score0.0045EPSS
Exploits0
NVD
NVD
added 2024/05/14 3:13 p.m.27 views

CVE-2024-27790

Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server. This issue has been fixed in FileMaker Server 20.3.2 by validating transactions before replying to client requests...

7.5CVSS6.3AI score0.00462EPSS
Exploits0References1
OSV
OSV
added 2024/05/14 3:13 p.m.4 views

CVE-2024-27790

Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server. This issue has been fixed in FileMaker Server 20.3.2 by validating transactions before replying to client requests...

7.5CVSS5.7AI score0.00462EPSS
Exploits0References1
NVD
NVD
added 2024/05/14 1:46 p.m.21 views

CVE-2023-42955

Claris International has successfully resolved an issue of potentially exposing password information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by eliminating the send of Admin Role passwords in the...

6.1CVSS6.4AI score0.0045EPSS
Exploits0References1
OSV
OSV
added 2024/05/14 1:46 p.m.3 views

CVE-2023-42955

Claris International has successfully resolved an issue of potentially exposing password information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by eliminating the send of Admin Role passwords in the...

4.9CVSS5.7AI score0.0045EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.5 views

FileMaker Server 安全漏洞

FileMaker Server is an enterprise-class database server software from FileMaker, Inc. for managing and sharing FileMaker databases. A security vulnerability exists in FileMaker Server versions prior to 20.3.1. An attacker can exploit the vulnerability to obtain passwords...

6.1CVSS6.6AI score0.0045EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.4 views

FileMaker Server 安全漏洞

FileMaker Server is an enterprise-class database server software from FileMaker, Inc. for managing and sharing FileMaker databases. A security vulnerability exists in Claris FileMaker Server versions prior to 20.3.2 that stems from allowing unauthorized access to storage...

7.5CVSS6.6AI score0.00462EPSS
Exploits0References2
CVE
CVE
added 2024/04/26 3:33 p.m.44 views

CVE-2024-27790

CVE-2024-27790 affects Claris FileMaker Server: an issue that could allow unauthorized access to records stored in databases hosted on the server. The root cause is addressed by validating transactions before replying to client requests, and a fix is available in FileMaker Server 20.3.2. Affected...

7.5CVSS6.5AI score0.00462EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder