15 matches found
EUVD-2023-33964
Malicious code in bioql PyPI...
EUVD-2022-52127
Malicious code in bioql PyPI...
CVE-2023-2480
Missing access permissions checks in M-Files Client before 23.5.12598.0 excluding 23.2 SR2 and newer allows elevation of privilege via UI extension applications...
CVE-2023-2480
Missing access permissions checks in M-Files Client before 23.5.12598.0 excluding 23.2 SR2 and newer allows elevation of privilege via UI extension applications...
CVE-2023-2480
Missing access permissions checks in M-Files Client before 23.5.12598.0 excluding 23.2 SR2 and newer allows elevation of privilege via UI extension applications...
CVE-2023-2480
CVE-2023-2480 affects M-Files Client prior to 23.5.12598.0 (excluding 23.2 SR2 and newer). The root cause is missing access permission checks, enabling elevation of privilege via UI extension applications. Impact is practical privilege escalation. Remediation: upgrade to 23.5.12598.0 or later. Ot...
M-Files 安全漏洞
M-Files is an innovative metadata-driven document management platform from M-Files, Inc. A security vulnerability exists in M-Files Client prior to version 23.5.12598.0, which stems from a lack of access rights checking that allows elevation of privileges via UI application extensions...
PT-2023-19787 · M Files · M-Files Client
Name of the Vulnerable Software and Affected Versions: M-Files Client versions prior to 23.5.12598.0 Description: The issue is related to missing access permissions checks in the M-Files Client, which allows elevation of privilege via UI extension applications. Recommendations: For versions prior...
CVE-2022-4861
Incorrect implementation in authentication protocol in M-Files Client before 22.5.11356.0 allows high privileged user to get other users tokens to another resource...
CVE-2022-4861
Incorrect implementation in authentication protocol in M-Files Client before 22.5.11356.0 allows high privileged user to get other users tokens to another resource...
CVE-2022-4861
Incorrect implementation in authentication protocol in M-Files Client before 22.5.11356.0 allows high privileged user to get other users tokens to another resource...
CVE-2022-4861
CVE-2022-4861 maps to an authentication flaw in M-Files Client. Connected PT-2022-28147 confirms the issue affects M-Files Client prior to 22.5.11356.0 (and also mentions Server impact). Root cause: incorrect implementation in the authentication protocol that enables a high-privileged user to obt...
CVE-2022-4861 Incorrect Implementation of Authentication Algorithm
Incorrect implementation in authentication protocol in M-Files Client before 22.5.11356.0 allows high privileged user to get other users tokens to another resource...
M-Files Client 授权问题漏洞
M-Files is an innovative metadata-driven document management platform from M-Files, Inc. A security vulnerability exists in M-Files Client versions prior to 22.5.11356.0 that stems from an incorrect implementation of the authentication protocol and allows an elevated privilege user to obtain...
PT-2022-28147
Name of the Vulnerable Software and Affected Versions M-Files Client versions prior to 22.5.11356.0 M-Files Server versions prior to 22.5.11356.0 Description The issue is related to an incorrect implementation in the authentication protocol, allowing a high-privileged user to obtain other users'...