Vulnerabilities > Claris
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-14 | CVE-2024-27790 | Unspecified vulnerability in Claris Filemaker Server Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server. | 7.5 |
| 2024-05-14 | CVE-2023-42955 | Insufficiently Protected Credentials vulnerability in Claris Filemaker Server Claris International has successfully resolved an issue of potentially exposing password information to front-end websites when signed in to the Admin Console with an administrator role. | 4.9 |
| 2024-04-15 | CVE-2024-27794 | Cross-site Scripting vulnerability in Claris Filemaker Server Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker WebDirect login endpoint. | 6.1 |
| 2024-03-21 | CVE-2023-42954 | Unspecified vulnerability in Claris PRO and Filemaker Server A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console with an administrator role. | 4.9 |
| 2024-03-19 | CVE-2023-42920 | Unspecified vulnerability in Claris PRO and Filemaker PRO Claris International has fixed a dylib hijacking vulnerability in the FileMaker Pro.app and Claris Pro.app versions on macOS. | 7.8 |
| 2021-11-22 | CVE-2021-44147 | XXE vulnerability in Claris Filemaker PRO and Filemaker Server An XML External Entity issue in Claris FileMaker Pro and Server (including WebDirect) before 19.4.1 allows a remote attacker to disclose local files via a crafted XML/Excel document and perform server-side request forgery attacks. | 5.5 |
| 2020-02-11 | CVE-2014-8347 | Improper Authentication vulnerability in Claris Filemaker PRO and Filemaker PRO Advanced An Authentication Bypass vulnerability exists in the MatchPasswordData function in DBEngine.dll in Filemaker Pro 13.03 and Filemaker Pro Advanced 12.04, which could let a malicious user obtain elevated privileges. | 7.8 |