65 matches found
CVE-2025-46296
An authorization bypass vulnerability in FileMaker Server Admin Console allowed administrator roles with minimal privileges to access administrative features such as viewing license details and downloading application logs. This vulnerability has been fully addressed in FileMaker Server 22.0.4...
CVE-2025-46294
To enhance security, the FileMaker Server 22.0.4 installer now includes an option to disable IIS short filename enumeration by setting NtfsDisable8dot3NameCreation in the Windows registry. This prevents attackers from using the tilde character to discover hidden files and directories. This...
CVE-2025-46296
CVE-2025-46296 describes an authorization bypass in the FileMaker Server Admin Console that let administrator roles with minimal privileges access administrative features (e.g., viewing license details and downloading application logs). The root cause is insufficient privilege checks as stated in...
CVE-2025-46294
The CVE describes a vulnerability in FileMaker Server relating to IIS short filename enumeration (8.3) that could enable information disclosure. Affected: FileMaker Server, prior to/including version 22.0.4; remediation is addressed in 22.0.4 with an option to disable 8.3 name creation. Root caus...
PT-2025-51765
An authorization bypass vulnerability in FileMaker Server Admin Console allowed administrator roles with minimal privileges to access administrative features such as viewing license details and downloading application logs. This vulnerability has been fully addressed in FileMaker Server 22.0.4...
PT-2025-51764
Name of the Vulnerable Software and Affected Versions Apache Commons Text versions prior to 1.10.0 FileMaker Server versions prior to 22.0.4 Description Apache Commons Text versions prior to 1.10.0 contain interpolation features that could be exploited when applications process untrusted input...
FileMaker Server 安全漏洞
FileMaker Server is an enterprise-class database server software from FileMaker, Inc. for managing and sharing FileMaker databases. A security vulnerability exists in FileMaker Server that stems from insufficient privilege checking and could lead to elevation of privilege...
FileMaker Server 安全漏洞
FileMaker Server is an enterprise-class database server software from FileMaker, Inc. for managing and sharing FileMaker databases. A security vulnerability exists in FileMaker Server, which stems from the IIS short filename enumeration feature and could lead to information disclosure...
FileMaker Server 安全漏洞
FileMaker Server is an enterprise-class database server software from FileMaker, Inc. for managing and sharing FileMaker databases. A security vulnerability exists in FileMaker Server that stems from improper handling of the Text Replacement API, which could lead to remote code execution...
CVE-2024-27790
Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server. This issue has been fixed in FileMaker Server 20.3.2 by validating transactions before replying to client requests...
CVE-2024-27794
Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker WebDirect login endpoint. The vulnerability was resolved in FileMaker Server 20.3.2 by escaping the HTML contents of the login...
CVE-2023-42954
A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by reducing the information sent in requests...
CVE-2023-42955
Claris International has successfully resolved an issue of potentially exposing password information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by eliminating the send of Admin Role passwords in the...
CVE-2024-27790
Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server. This issue has been fixed in FileMaker Server 20.3.2 by validating transactions before replying to client requests...
CVE-2024-27790
Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server. This issue has been fixed in FileMaker Server 20.3.2 by validating transactions before replying to client requests...
CVE-2023-42955
Claris International has successfully resolved an issue of potentially exposing password information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by eliminating the send of Admin Role passwords in the...
CVE-2023-42955
Claris International has successfully resolved an issue of potentially exposing password information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by eliminating the send of Admin Role passwords in the...
FileMaker Server 安全漏洞
FileMaker Server is an enterprise-class database server software from FileMaker, Inc. for managing and sharing FileMaker databases. A security vulnerability exists in FileMaker Server versions prior to 20.3.1. An attacker can exploit the vulnerability to obtain passwords...
FileMaker Server 安全漏洞
FileMaker Server is an enterprise-class database server software from FileMaker, Inc. for managing and sharing FileMaker databases. A security vulnerability exists in Claris FileMaker Server versions prior to 20.3.2 that stems from allowing unauthorized access to storage...
CVE-2024-27790
CVE-2024-27790 affects Claris FileMaker Server: an issue that could allow unauthorized access to records stored in databases hosted on the server. The root cause is addressed by validating transactions before replying to client requests, and a fix is available in FileMaker Server 20.3.2. Affected...