202 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-28997
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server...
CVE-2021-37617
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. The Nextcloud Desktop Client invokes its uninstaller script when being installed to make sure there are no remnants of previous installations. In versions 3.0.3 through 3.2.4, the Client searches th...
PT-2025-49298
Name of the Vulnerable Software and Affected Versions Nextcloud Desktop versions prior to 3.16.5 Description Nextcloud Desktop is a desktop sync client for Nextcloud. Before version 3.16.5, the file path was transmitted unencrypted when attempting to manually lock a file within an end-to-end...
DEBIAN-CVE-2024-52510
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed by-passing the signature validation, if a manipulated server sends an empty initial signature. It is recommended that the Nextcloud Deskt...
CVE-2024-52510
The CVE-2024-52510 issue affects the Nextcloud Desktop Client. A vulnerability exists where the client would bypass signature validation if the server sends an empty initial end-to-end signature, allowing potential integrity concerns without stopping at error. Affected software: Nextcloud Desktop...
CVE-2024-52510 Nextcloud Desktop client behaves incorrectly if the initial end-to-end-encryption signature is empty
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. The Desktop client did not stop with an error but allowed by-passing the signature validation, if a manipulated server sends an empty initial signature. It is recommended that the Nextcloud Deskt...
PT-2024-35349 · Nextcloud +1 · Nextcloud Desktop Client +1
Name of the Vulnerable Software and Affected Versions: Nextcloud Desktop Client versions prior to 3.14.2 Description: The issue concerns the Nextcloud Desktop Client, a tool used to synchronize files from Nextcloud Server with a computer. It was found that the Desktop client did not stop with an...
Nextcloud Desktop Client 信任管理问题漏洞
Nextcloud Desktop Client is an open source file synchronization and sharing tool from Nextcloud GmbH. A trust management issue vulnerability exists in Nextcloud Desktop Client that stems from the fact that if a manipulated server sends an empty initial signature, the desktop client does not stop...
SUSE CVE-2024-46958
In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files between the server and client may become world writable or world readable. This is fixed in 3.13.4...
DEBIAN-CVE-2024-46958
In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files between the server and client may become world writable or world readable. This is fixed in 3.13.4...
UBUNTU-CVE-2024-46958
In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files between the server and client may become world writable or world readable. This is fixed in 3.13.4...
Nextcloud Desktop Client 安全漏洞
Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany.Nextcloud Desktop Client is a desktop client application for Nextcloud. A security vulnerability exists in Nextcloud Desktop Client versions 3.13.1 through...
SUSE CVE-2024-37885
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLDINSERTLIBRARIES set in the enviroment. It is recommended that the Nextcloud...
CVE-2024-37885
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLDINSERTLIBRARIES set in the enviroment. It is recommended that the Nextcloud...
CVE-2024-37885
CVE-2024-37885 concerns the Nextcloud Desktop Client for macOS. A code injection vulnerability allows loading arbitrary code when the client is launched with the environment variable DYLD_INSERT_LIBRARIES set, as reported for versions prior to 3.12.0. The issue stems from how the macOS client han...
CVE-2024-37885 Code injection in Nextcloud Desktop Client for macOS
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. A code injection in Nextcloud Desktop Client for macOS allowed to load arbitrary code when starting the client with DYLDINSERTLIBRARIES set in the enviroment. It is recommended that the Nextcloud...
SUSE CVE-2023-28998
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure, and add new...
Security update for nextcloud-desktop (important)
openSUSE Security Update: Security update for nextcloud-desktop Announcement ID: openSUSE-SU-2023:0171-1 Rating: important References: 1205798 1205799 1205800 1205801 1207976 Cross-References: CVE-2022-39331 CVE-2022-39332 CVE-2022-39333 CVE-2022-39334 CVE-2023-23942 CVSS scores: CVE-2022-39331 N...
Security update for nextcloud-desktop (important)
openSUSE Security Update: Security update for nextcloud-desktop Announcement ID: openSUSE-SU-2023:0090-1 Rating: important References: 1201070 1205798 1205799 1205800 1205801 1207976 Cross-References: CVE-2022-39331 CVE-2022-39332 CVE-2022-39333 CVE-2022-39334 CVE-2023-23942 CVSS scores:...
SUSE CVE-2023-28997
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can recover and modify the contents of end-to-end encrypted files. Users should upgrade the Nextcloud Desktop client to 3.6.5...