202 matches found
CVE-2024-52510
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed by-passing the signature validation, if a manipulated server sends an empty initial signature. It is recommended that the Nextcloud Deskt...
CVE-2023-23942
The Nextcloud Desktop Client is a tool to synchronize files from a Nextcloud Server with your computer. Versions prior to 3.6.3 are missing sanitisation on qml labels which are used for basic HTML elements such as strong, em and head lines in the UI of the desktop client. The lack of sanitisation...
CVE-2025-47792
Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...
CVE-2025-47792
Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...
DEBIAN-CVE-2025-47792
Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...
UBUNTU-CVE-2025-47792
Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...
CVE-2025-47792 Nextcloud Desktop 3rdparty applications can create share links via socket API
Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...
CVE-2025-47792 Nextcloud Desktop 3rdparty applications can create share links via socket API
Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...
CVE-2025-47792
Nextcloud Desktop prior to version 3.15 is affected: 3rd-party applications already installed on a user machine can create link shares for nearly all data through the socket API, enabling exfiltration to external services. The vulnerability’s impact is rated high for confidentiality and low for i...
CVE-2025-47792
Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...
CVE-2025-47792 Nextcloud Desktop 3rdparty applications can create share links via socket API
Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...
Nextcloud Desktop Client 访问控制错误漏洞
Nextcloud Desktop Client is an open source file synchronization and sharing tool from Nextcloud GmbH. An access control error vulnerability exists in versions prior to Nextcloud Desktop Client 3.15, which stems from a third-party application that can create linked shares via the socket API,...
PT-2025-21658
Name of the Vulnerable Software and Affected Versions: Nextcloud Desktop versions prior to 3.15 Description: The issue affects Nextcloud Desktop, allowing 3rd party applications to create link shares for almost all data via the socket API. These shares can then be sent to an external service...
Linux Distros Unpatched Vulnerability : CVE-2024-52510
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed...
Linux Distros Unpatched Vulnerability : CVE-2023-23942
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from a Nextcloud Server with your computer. Versions prior to 3.6.3 are missing sanitisation on qml...
Linux Distros Unpatched Vulnerability : CVE-2022-39332
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application via us...
Linux Distros Unpatched Vulnerability : CVE-2023-29000
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.7.0, by trusting that the...
Linux Distros Unpatched Vulnerability : CVE-2023-28997
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server...
Linux Distros Unpatched Vulnerability : CVE-2023-28998
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server...
Linux Distros Unpatched Vulnerability : CVE-2022-39331
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application in the...