CVE-2026-45810 Nextcloud: Propfind requests for file comments allowed to load comments for other files

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 31.0.0 to before 31.0.12, and 32.0.0 to before 32.0.3, a missing check of a relation allowed authenticated users with access to any file comment, to read the content of all comments. It is recommended th...

EUVD-2026-33720

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 31.0.0 to before 31.0.12, and 32.0.0 to before 32.0.3, a missing check of a relation allowed authenticated users with access to any file comment, to read the content of all comments. It is recommended th...

PT-2026-45524

Name of the Vulnerable Software and Affected Versions Nextcloud Server versions 31.0.0 through 31.0.13 Nextcloud Server versions 32.0.0 through 32.0.3 Nextcloud Enterprise Server versions prior to 28.0.14.15 Nextcloud Enterprise Server versions prior to 29.0.17.12 Nextcloud Enterprise Server...

Fedora 42 : nextcloud (2025-519240c972)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-519240c972 advisory. 32.0.3 release, fixes RHBZ 2420196 RHBZ 2420197 RHBZ 2420198 RHBZ 2421368 Tenable has extracted the preceding description block directly from the...

EUVD-2025-201449

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server and Server Enterprise prior to 31.0.12 and 32.0.3, a missing sanitization allowed malicious users to circumvent the content security policy when a malicious user manages to trick a user it viewing an uploaded SVG outside...

CVE-2025-66512 Nextcloud Server vulnerable to XSS in SVG images when opened outside of Nextcloud

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server and Server Enterprise prior to 31.0.12 and 32.0.3, a missing sanitization allowed malicious users to circumvent the content security policy when a malicious user manages to trick a user it viewing an uploaded SVG outside...

CVE-2025-66512 Nextcloud Server vulnerable to XSS in SVG images when opened outside of Nextcloud

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server and Server Enterprise prior to 31.0.12 and 32.0.3, a missing sanitization allowed malicious users to circumvent the content security policy when a malicious user manages to trick a user it viewing an uploaded SVG outside...

CVE-2025-66512 Nextcloud Server vulnerable to XSS in SVG images when opened outside of Nextcloud

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server and Server Enterprise prior to 31.0.12 and 32.0.3, a missing sanitization allowed malicious users to circumvent the content security policy when a malicious user manages to trick a user it viewing an uploaded SVG outside...

Mozilla Firefox RSA Spoof Vulnerability (Sep 2014) - Mac OS X

Mozilla Firefox is prone to spoofing vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox"; ifdescripti...