M-Files Corporation"

6 Products 15 CVEs

CVE Severity Distribution (All Time)

Critical

High

Medium

Low

Timeline Overview

Last 30 Days 0 CVEs

Last 6 Months 0 CVEs

Last Year 8 CVEs

Products

View all

Recent CVEs

View all

CVE-2024-10126 UNKNOWN 7 months, 2 weeks ago

Local File Inclusion vulnerability in M-Files Server in versions before 24.11 (excluding 24.8 SR1, 24.2 SR3 and 23.8 SR7) allows an authenticated use…

CVE-2024-10127 UNKNOWN 7 months, 2 weeks ago

Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11 supported usage of OpenLDAP configurations that allowe…

CVE-2024-11176 UNKNOWN 7 months, 2 weeks ago

Improper access control vulnerability in M-Files Aino in versions before 24.10 allowed an authenticated user to access object information via incorre…

CVE-2024-9333 UNKNOWN 9 months ago

Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated user to access limited amount of documents via incorre…

CVE-2024-9174 UNKNOWN 9 months ago

Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows authenticated user to spoof UI

CVE-2024-6789 UNKNOWN 10 months, 1 week ago

A path traversal issue in API endpoint in M-Files Server before version 24.8.13981.0 and LTS 24.2.13421.15 SR2 and LTS 23.8.12892.0 SR6 allows authen…

CVE-2024-6124 UNKNOWN 11 months, 1 week ago

Reflected XSS in M-Files Hubshare before version 5.0.6.0 allows an attacker to execute arbitrary JavaScript code in the context of the victim's brows…

CVE-2024-6881 UNKNOWN 11 months, 1 week ago

Stored XSS in M-Files Hubshare versions before 5.0.6.0 allows an authenticated attacker to execute arbitrary JavaScript in user's browser session

M-Files Corporation"

CVE Severity Distribution (All Time)

Timeline Overview

Products

M-Files Server

Hubshare

M-Files Aino

M-Files Web

M-Files Connector for Copilot

Recent CVEs