Lucene search
K

137 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-22879

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote...

8.8CVSS7.5AI score0.04698EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-8227

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicat...

7.1CVSS6.5AI score0.2245EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-32728

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Clients using the Nextcloud end-to-end encryption feature...

6.5CVSS6.3AI score0.00851EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 6:35 a.m.6 views

CVE-2024-52510

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed by-passing the signature validation, if a manipulated server sends an empty initial signature. It is recommended that the Nextcloud Deskt...

7.5CVSS6.6AI score0.00728EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-52510

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed...

7.5CVSS5.9AI score0.00728EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-39333

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application. It is...

6.1CVSS6.4AI score0.00882EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-28998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server...

6.7CVSS6.4AI score0.00679EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-28997

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server...

6.7CVSS6.4AI score0.01113EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-39332

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application via us...

5.4CVSS6.3AI score0.00884EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-23942

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from a Nextcloud Server with your computer. Versions prior to 3.6.3 are missing sanitisation on qml...

6.1CVSS6.1AI score0.00657EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-29000

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.7.0, by trusting that the...

6.5CVSS6.4AI score0.00388EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/06 4:49 a.m.22 views

CVE-2021-37617

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. The Nextcloud Desktop Client invokes its uninstaller script when being installed to make sure there are no remnants of previous installations. In versions 3.0.3 through 3.2.4, the Client searches th...

7.3CVSS6.4AI score0.00474EPSS
Exploits0References1
OSV
OSV
added 2024/11/15 6:15 p.m.5 views

DEBIAN-CVE-2024-52510

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed by-passing the signature validation, if a manipulated server sends an empty initial signature. It is recommended that the Nextcloud Deskt...

7.5CVSS5.3AI score0.00728EPSS
Exploits0References1
OSV
OSV
added 2024/11/15 5:29 p.m.17 views

CVE-2024-52510 Nextcloud Desktop client behaves incorrectly if the initial end-to-end-encryption signature is empty

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed by-passing the signature validation, if a manipulated server sends an empty initial signature. It is recommended that the Nextcloud Deskt...

4.2CVSS6.5AI score0.00728EPSS
Exploits0References6
CVE
CVE
added 2024/11/15 5:29 p.m.72 views

CVE-2024-52510

The CVE-2024-52510 issue affects the Nextcloud Desktop Client. A vulnerability exists where the client would bypass signature validation if the server sends an empty initial end-to-end signature, allowing potential integrity concerns without stopping at error. Affected software: Nextcloud Desktop...

7.5CVSS4.2AI score0.00728EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/15 12:0 a.m.5 views

PT-2024-35349 · Nextcloud +1 · Nextcloud Desktop Client +1

Name of the Vulnerable Software and Affected Versions: Nextcloud Desktop Client versions prior to 3.14.2 Description: The issue concerns the Nextcloud Desktop Client, a tool used to synchronize files from Nextcloud Server with a computer. It was found that the Desktop client did not stop with an...

4.2CVSS4.8AI score0.00728EPSS
Exploits0References19
CNNVD
CNNVD
added 2024/11/15 12:0 a.m.6 views

Nextcloud Desktop Client 信任管理问题漏洞

Nextcloud Desktop Client is an open source file synchronization and sharing tool from Nextcloud GmbH. A trust management issue vulnerability exists in Nextcloud Desktop Client that stems from the fact that if a manipulated server sends an empty initial signature, the desktop client does not stop...

7.5CVSS6.4AI score0.00728EPSS
Exploits0References5
OSV
OSV
added 2024/09/16 2:15 a.m.2 views

DEBIAN-CVE-2024-46958

In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files between the server and client may become world writable or world readable. This is fixed in 3.13.4...

9.1CVSS5.3AI score0.00555EPSS
Exploits0References1
OSV
OSV
added 2024/09/16 2:15 a.m.1 views

UBUNTU-CVE-2024-46958

In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files between the server and client may become world writable or world readable. This is fixed in 3.13.4...

9.1CVSS5.8AI score0.00555EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/09/16 12:0 a.m.7 views

Nextcloud Desktop Client 安全漏洞

Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany.Nextcloud Desktop Client is a desktop client application for Nextcloud. A security vulnerability exists in Nextcloud Desktop Client versions 3.13.1 through...

9.1CVSS6.5AI score0.00555EPSS
Exploits0References6
Rows per page
Query Builder