Lucene search
K

202 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:35 a.m.6 views

CVE-2024-52510

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed by-passing the signature validation, if a manipulated server sends an empty initial signature. It is recommended that the Nextcloud Deskt...

7.5CVSS6.6AI score0.00728EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:41 a.m.4 views

CVE-2023-23942

The Nextcloud Desktop Client is a tool to synchronize files from a Nextcloud Server with your computer. Versions prior to 3.6.3 are missing sanitisation on qml labels which are used for basic HTML elements such as strong, em and head lines in the UI of the desktop client. The lack of sanitisation...

6.1CVSS6.7AI score0.00657EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/18 2:15 p.m.11 views

CVE-2025-47792

Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...

6.1CVSS6.8AI score0.00152EPSS
Exploits0References1
NVD
NVD
added 2025/05/16 3:15 p.m.14 views

CVE-2025-47792

Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...

6.1CVSS0.00152EPSS
Exploits0References3
OSV
OSV
added 2025/05/16 3:15 p.m.3 views

DEBIAN-CVE-2025-47792

Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...

6.1CVSS5.3AI score0.00152EPSS
Exploits0References1
OSV
OSV
added 2025/05/16 3:15 p.m.2 views

UBUNTU-CVE-2025-47792

Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...

6.1CVSS5.8AI score0.00152EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/05/16 2:13 p.m.15 views

CVE-2025-47792 Nextcloud Desktop 3rdparty applications can create share links via socket API

Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...

5CVSS7AI score0.00152EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/16 2:13 p.m.22 views

CVE-2025-47792 Nextcloud Desktop 3rdparty applications can create share links via socket API

Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...

5CVSS0.00152EPSS
Exploits0References3
CVE
CVE
added 2025/05/16 2:13 p.m.51 views

CVE-2025-47792

Nextcloud Desktop prior to version 3.15 is affected: 3rd-party applications already installed on a user machine can create link shares for nearly all data through the socket API, enabling exfiltration to external services. The vulnerability’s impact is rated high for confidentiality and low for i...

6.1CVSS5.1AI score0.00152EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2025/05/16 2:13 p.m.8 views

CVE-2025-47792

Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...

6.1CVSS5.3AI score0.00152EPSS
Exploits0
OSV
OSV
added 2025/05/16 2:13 p.m.7 views

CVE-2025-47792 Nextcloud Desktop 3rdparty applications can create share links via socket API

Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...

5CVSS6.5AI score0.00152EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/05/16 12:0 a.m.5 views

Nextcloud Desktop Client 访问控制错误漏洞

Nextcloud Desktop Client is an open source file synchronization and sharing tool from Nextcloud GmbH. An access control error vulnerability exists in versions prior to Nextcloud Desktop Client 3.15, which stems from a third-party application that can create linked shares via the socket API,...

6.1CVSS6.4AI score0.00152EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/05/16 12:0 a.m.4 views

PT-2025-21658

Name of the Vulnerable Software and Affected Versions: Nextcloud Desktop versions prior to 3.15 Description: The issue affects Nextcloud Desktop, allowing 3rd party applications to create link shares for almost all data via the socket API. These shares can then be sent to an external service...

6.1CVSS5.1AI score0.00152EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-52510

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed...

7.5CVSS5.7AI score0.00728EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-23942

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from a Nextcloud Server with your computer. Versions prior to 3.6.3 are missing sanitisation on qml...

6.1CVSS6.1AI score0.00657EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-39332

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application via us...

5.4CVSS6.2AI score0.00884EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-29000

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.7.0, by trusting that the...

6.5CVSS6.4AI score0.00388EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-28997

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server...

6.7CVSS6.4AI score0.01113EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-28998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server...

6.7CVSS6.4AI score0.00679EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2022-39331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application in the...

5.4CVSS6.2AI score0.00864EPSS
Exploits1References2
Rows per page
Query Builder