5019 matches found
Windmill/Nextcloud Flow < 1.603.3 - Unauthenticated Path Traversal
Windmill 1.603.3 contains a path traversal caused by unsanitized filename parameter in getlogfile endpoint, letting unauthenticated attackers read arbitrary files on the server, exploit requires no authentication. id: CVE-2026-29059 info: name: Windmill/Nextcloud Flow 1.603.3 - Unauthenticated Pa...
CVE-2026-55599 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-55599 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2016-10744 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-RF66-HMQF-Q3FC vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2016-10744 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-RF66-HMQF-Q3FC vulnerabilities
Vulnerabilities for packages: nextcloud-server...
[SECURITY] Fedora 43 Update: nextcloud-33.0.6-1.fc43
NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...
GHSA-V6WH-96G9-6WX3 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-FX2H-PF6J-XCFF vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-53571 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-53632 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-52782
OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, there is an IDOR through /projects//settings/projectstorages/ via PATCH parameter "storagesprojectstorageprojectfolderid" leads to Access to Unauthorized Resources. A project-admin in one project can...
CVE-2026-52782
OpenProject versions prior to 17.3.3 and 17.4.1 are affected by an IDOR in /projects//settings/project_storages/ via PATCH parameter storages_project_storage[project_folder_id], allowing a project-admin to hijack another project’s managed Nextcloud/OneDrive folder on the same storage. The vulnera...
PT-2026-52913
Name of the Vulnerable Software and Affected Versions OpenProject versions prior to 17.3.3 OpenProject versions prior to 17.4.1 Description An Insecure Direct Object Reference IDOR exists in the project storage settings. A project administrator can gain unauthorized access to the managed Nextclou...
GHSA-38CX-CQ6F-5755 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-48736 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-38CX-CQ6F-5755 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-48736 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-WPWQ-4J6V-78M3 vulnerabilities
Vulnerabilities for packages: drupal, nextcloud-server, privatebin...