4993 matches found
Windmill/Nextcloud Flow < 1.603.3 - Unauthenticated Path Traversal
Windmill 1.603.3 contains a path traversal caused by unsanitized filename parameter in getlogfile endpoint, letting unauthenticated attackers read arbitrary files on the server, exploit requires no authentication. id: CVE-2026-29059 info: name: Windmill/Nextcloud Flow 1.603.3 - Unauthenticated Pa...
CVE-2026-52782
OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, there is an IDOR through /projects//settings/projectstorages/ via PATCH parameter "storagesprojectstorageprojectfolderid" leads to Access to Unauthorized Resources. A project-admin in one project can...
CVE-2026-52782
OpenProject versions prior to 17.3.3 and 17.4.1 are affected by an IDOR in /projects//settings/project_storages/ via PATCH parameter storages_project_storage[project_folder_id], allowing a project-admin to hijack another project’s managed Nextcloud/OneDrive folder on the same storage. The vulnera...
CVE-2026-48736 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-38CX-CQ6F-5755 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-38CX-CQ6F-5755 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-48736 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-55767 vulnerabilities
Vulnerabilities for packages: privatebin, nextcloud-server, drupal...
CVE-2026-55766 vulnerabilities
Vulnerabilities for packages: privatebin, nextcloud-server, drupal...
CVE-2026-55568 vulnerabilities
Vulnerabilities for packages: privatebin, nextcloud-server, drupal...
GHSA-WPWQ-4J6V-78M3 vulnerabilities
Vulnerabilities for packages: privatebin, nextcloud-server, drupal...
GHSA-CWXW-98QJ-8QJX vulnerabilities
Vulnerabilities for packages: privatebin, nextcloud-server, drupal...
GHSA-VM85-HXW5-5432 vulnerabilities
Vulnerabilities for packages: privatebin, nextcloud-server, drupal...
GHSA-M557-WRGG-6RP4 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-WPWQ-4J6V-78M3 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-VM85-HXW5-5432 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-HQ7V-MX3G-29HW vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-34XG-WGJX-8XPH vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-55568 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-M557-WRGG-6RP4 vulnerabilities
Vulnerabilities for packages: nextcloud-server...