VYPR
Vendor

Claris

Products
3
CVEs
6
Across products
7
Status
Private

Products

3

Recent CVEs

6
  • CVE-2026-43685HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.00

    A Remote Code Execution vulnerability in Claris FileMaker Cloud allowed a user with Admin Console privileges to inject arbitrary operating system commands through unsanitized input in the External ODBC Data Source connection test feature. This issue is fixed in FileMaker Cloud…

  • CVE-2024-27794MedApr 15, 2024
    risk 0.40cvss 6.1epss 0.00

    Claris FileMaker Server before version 20.3.2 was susceptible to a reflected Cross-Site Scripting vulnerability due to an improperly handled parameter in the FileMaker WebDirect login endpoint. The vulnerability was resolved in FileMaker Server 20.3.2 by escaping the HTML…

  • CVE-2021-44147MedNov 22, 2021
    risk 0.36cvss 5.5epss 0.01

    An XML External Entity issue in Claris FileMaker Pro and Server (including WebDirect) before 19.4.1 allows a remote attacker to disclose local files via a crafted XML/Excel document and perform server-side request forgery attacks.

  • CVE-2023-42955MedMay 14, 2024
    risk 0.32cvss 4.9epss 0.00

    Claris International has successfully resolved an issue of potentially exposing password information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by eliminating the send of Admin Role…

  • CVE-2023-42954MedMar 21, 2024
    risk 0.32cvss 4.9epss 0.00

    A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information to front-end websites when signed in to the Admin Console with an administrator role. This issue has been fixed in FileMaker Server 20.3.1 by reducing the information sent in…

  • CVE-2001-1531Dec 31, 2001
    risk 0.00cvss epss 0.03

    Buffer overflow in Claris Emailer 2.0v2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an email attachment with a long filename.