13 matches found
PT-2026-45527
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.2, and 33.0.0 to before 33.0.1, the files lock app did not properly validate the ownership of files when processing DAV lock and unlock requests. An authenticated user could lock or...
CVE-2023-40312
Multiple reflected XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that an attacker can modify to craft a malicious XSS payload. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30...
CVE-2023-40612
In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2, the file editor which is accessible to any user with ROLEFILESYSTEMEDITOR privileges is vulnerable to XXE injection attacks. The solution is to upgrade to Meridian 2023.1.5 or Horizon 32.0.2 or newer. Meridian and Horizon installation...
Fedora 44 : nextcloud (2025-7534523367)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-7534523367 advisory. Automatic update for nextcloud-32.0.2-1.fc44. Changelog Mon Nov 24 2025 Andrew Bauer - 32.0.2-1 - 32.0.2 release RHBZ2416087 RHBZ2415750 RHBZ2415751...
CVE-2023-40612 Authenticated XXE Injection Via The File Editor
In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2, the file editor which is accessible to any user with ROLEFILESYSTEMEDITOR privileges is vulnerable to XXE injection attacks. The solution is to upgrade to Meridian 2023.1.5 or Horizon 32.0.2 or newer. Meridian and Horizon installation...
CVE-2023-40612 Authenticated XXE Injection Via The File Editor
In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2, the file editor which is accessible to any user with ROLEFILESYSTEMEDITOR privileges is vulnerable to XXE injection attacks. The solution is to upgrade to Meridian 2023.1.5 or Horizon 32.0.2 or newer. Meridian and Horizon installation...
OpenNMS Horizon 安全漏洞
OpenNMS Horizon is an open source solution from OpenNMS that helps you visualize and monitor everything on your local and remote networks. A security vulnerability exists in OpenNMS Horizon versions prior to 32.0.2, which stems from the fact that any user with the ROLEFILESYSTEMEDITOR privilege c...
Opennms Group OpenNMS 安全漏洞
Opennms Group OpenNMS is an open source, enterprise-grade network monitoring and network management platform from the US-based Opennms Group. A security vulnerability exists in OpenNMS versions prior to 32.0.2, which stems from an escalation of privilege vulnerability...
PT-2023-27376 · Opennms · Opennms Meridian +1
Name of the Vulnerable Software and Affected Versions: OpenNMS Horizon versions prior to 32.0.2 OpenNMS Meridian versions prior to 2023.1.6 OpenNMS Meridian versions prior to 2022.1.19 OpenNMS Meridian versions prior to 2021.1.30 OpenNMS Meridian versions prior to 2020.1.38 Description: A BeanShe...
PT-2023-27378 · Opennms · Opennms Horizon +1
Name of the Vulnerable Software and Affected Versions: OpenMNS Horizon versions 31.0.8 through 32.0.2 Meridian versions prior to 2023.1.5 Description: The issue allows any user with the ROLE FILESYSTEM EDITOR to easily escalate their privileges to ROLE ADMIN or any other role. The affected softwa...
CVE-2023-40311
Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1....
OpenNMS Horizon Cross-Site Scripting Vulnerability
OpenNMS Horizon is an open source solution from OpenNMS, Inc. that helps you visualize and monitor everything on your local and remote networks. A security vulnerability exists in OpenNMS Horizon versions 31.0.8 through 32.0.2 that stems from a parameter not being cleaned...
OpenNMS Horizon Cross-Site Scripting Vulnerability
OpenNMS Horizon is an open source solution from OpenNMS, Inc. that helps you visualize and monitor all content on your local and remote networks. A security vulnerability exists in OpenNMS Horizon that stems from a reflected cross-site scripting XSS vulnerability in the parameters of multiple JSP...