61 matches found
CVE-2019-5451
Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time...
CVE-2019-5452
Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved...
CVE-2019-5450
Improper sanitization of HTML in directory names in the Nextcloud Android app prior to version 3.7.0 allowed to style the directory name in the header bar when using basic HTML...
CVE-2019-15622
Not strictly enough sanitization in the Nextcloud Android app 3.6.0 allowed an attacker to get content information from protected tables when using custom queries...
CVE-2023-28646 App lockout in nextcloud Android app can be bypassed via thirdparty apps
Nextcloud android is an android app for interfacing with the nextcloud home server ecosystem. In versions from 3.7.0 and before 3.24.1 an attacker that has access to the unlocked physical device can bypass the Nextcloud Android Pin/passcode protection via a thirdparty app. This allows to see meta...
Nextcloud Android app 安全漏洞
The Nextcloud Android app is an Android-based mobile application for accessing Nextcloud servers from Nextcloud Germany. A security vulnerability exists in Nextcloud android version 3.7.0 up to and including version 3.24.1, which stems from the ability to bypass Nextcloud Android Pin/passcode...
PT-2023-21871 · Nextcloud · Nextcloud Android App
Name of the Vulnerable Software and Affected Versions: Nextcloud Android versions 3.7.0 through 3.24.0 Description: The Nextcloud Android app has a security issue that allows an attacker with access to an unlocked physical device to bypass the Pin/passcode protection using a third-party app. This...
Nextcloud Android app 路径遍历漏洞
The Nextcloud Android app is an Android-based mobile application for accessing Nextcloud servers from Nextcloud Germany. A path traversal vulnerability exists in versions of the Nextcloud Android app prior to 3.21.0, which stems from an improperly protected internal path to an application file,...
CVE-2022-24886 Exposure of Sensitive Information to an Unauthorized Actor in com.nextcloud.client
Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. In versions prior to 3.19.0, any application with notification permission can access contacts if Nextcloud has access to Contacts without applying for the Contacts permission itself. Version 3.19.0...
PT-2022-16956 · Nextcloud · Nextcloud Android App
Name of the Vulnerable Software and Affected Versions: Nextcloud Android app versions prior to 3.19.0 Description: The issue allows any application with notification permission to access contacts if Nextcloud has access to Contacts, without the application needing to apply for the Contacts...
Nextcloud Android app 信息泄露漏洞
Nextcloud Android app is an Android-based mobile application for accessing Nextcloud servers from the German company Nextcloud. nextcloud Android app versions prior to 3.19.0 are vulnerable to an information disclosure vulnerability that stems from insufficient privilege restrictions. An attacker...
CVE-2021-41166
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. An issue in versions prior to 3.17.1 may lead to sensitive information disclosure. An unauthorized app that does not have the otherwise required MANAGEDOCUMENTS permission may view image thumbnails...
Information disclosure
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. An issue in versions prior to 3.17.1 may lead to sensitive information disclosure. An unauthorized app that does not have the otherwise required MANAGEDOCUMENTS permission may view image thumbnails...
CVE-2021-41166 Permission bypass in Nextcloud Android App
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. An issue in versions prior to 3.17.1 may lead to sensitive information disclosure. An unauthorized app that does not have the otherwise required MANAGEDOCUMENTS permission may view image thumbnails...
CVE-2021-41166 Permission bypass in Nextcloud Android App
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. An issue in versions prior to 3.17.1 may lead to sensitive information disclosure. An unauthorized app that does not have the otherwise required MANAGEDOCUMENTS permission may view image thumbnails...
Permission bypass in DiskLruImageCacheFileProvider (GHSL-2021-1008)
None...
Nextcloud Android app 信息泄露漏洞
Nextcloud Android app is an Android-based mobile application for accessing Nextcloud servers from the German company Nextcloud. information disclosure in versions of Nextcloud Android app prior to 3.17.1, the vulnerability stems from a network system or product that has a configuration and other...
CVE-2021-43863
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. The Nextcloud Android app uses content providers to manage its data. Prior to version 3.18.1, the providers FileContentProvider and DiskLruImageCacheFileProvider have security issues an SQL...
CVE-2021-43863 SQL Injection in FileContentProvider (GHSL-2021-1007)
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. The Nextcloud Android app uses content providers to manage its data. Prior to version 3.18.1, the providers FileContentProvider and DiskLruImageCacheFileProvider have security issues an SQL...
Nextcloud Android app SQL注入漏洞
Nextcloud Android app is an Android-based mobile application from Nextcloud Germany for accessing Nextcloud servers. nextcloud Android app is vulnerable to SQL injection, a vulnerability that stems from the lack of validation of externally entered SQL statements in database-based applications. An...