Lucene search
K

1086 matches found

Positive Technologies
Positive Technologies
added 2017/04/05 12:0 a.m.4 views

PT-2017-10686 · Nextcloud · Nextcloud Server

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 9.0.55 Nextcloud Server versions prior to 10.0.2 Description: The issue allows an adversary with access to a write-only share to enumerate the names of existing files and subfolders by comparing exception...

4.3CVSS5.2AI score0.00899EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2017/04/05 12:0 a.m.4 views

PT-2017-10688 · Nextcloud · Nextcloud Server

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 9.0.55 Nextcloud Server versions prior to 10.0.2 Description: The issue allows an authenticated adversary to bypass quota limitations due to improper sanitization of the OC-Total-Length HTTP header values...

4.3CVSS4.9AI score0.00888EPSS
Exploits0References5
CNVD
CNVD
added 2017/03/31 12:0 a.m.3 views

Nextcloud Server and ownCloud Server Content Spoofing Vulnerabilities

ownCloud is a free and open source personal cloud storage solution from German company ownCloud. nextcloud is an open source self-hosted file synchronization and sharing communication application platform. ownCloud Server and Nextcloud Server are both a server version of one of them. A security...

5.3CVSS6.8AI score0.02972EPSS
Exploits1References1
CNVD
CNVD
added 2017/03/31 12:0 a.m.4 views

Nextcloud Server and ownCloud Server Content Spoofing Vulnerability (CNVD-2017-04625)

ownCloud is a free and open source personal cloud storage solution from German company ownCloud. nextcloud is an open source self-hosted file synchronization and sharing communication application platform. ownCloud Server and Nextcloud Server are both a server version of one of them. A security...

5.3CVSS6.8AI score0.02077EPSS
Exploits1References1
CNVD
CNVD
added 2017/03/30 12:0 a.m.2 views

Nextcloud Server and ownCloud Server Security Bypass Vulnerability

ownCloud is a free and open source personal cloud storage solution from German company ownCloud. nextcloud is an open source self-hosted file synchronization and sharing communication application platform. ownCloud Server and Nextcloud Server are both a server version of one of them. A security...

8.1CVSS8.2AI score0.04095EPSS
Exploits1References1
CNVD
CNVD
added 2017/03/30 12:0 a.m.3 views

Nextcloud Server and ownCloud Server Security Bypass Vulnerability (CNVD-2017-05313)

ownCloud is a free and open source personal cloud storage solution from German company ownCloud. nextcloud is an open source self-hosted file synchronization and sharing communication application platform. ownCloud Server and Nextcloud Server are both a server version of one of them. A security...

5.3CVSS5.6AI score0.01681EPSS
Exploits1References1
CNVD
CNVD
added 2017/03/30 12:0 a.m.2 views

Nextcloud Server and ownCloud Server Security Bypass Vulnerability (CNVD-2017-05314)

ownCloud is a free and open source personal cloud storage solution from German company ownCloud. nextcloud is an open source self-hosted file synchronization and sharing communication application platform. ownCloud Server and Nextcloud Server are both a server version of one of them. A security...

4.3CVSS6.7AI score0.02EPSS
Exploits1References1
CNVD
CNVD
added 2017/03/30 12:0 a.m.1 views

Nextcloud Server and ownCloud Server Cross-Site Scripting Vulnerabilities

ownCloud is a free and open source personal cloud storage solution from German company ownCloud. nextcloud is an open source self-hosted file synchronization and sharing communication application platform. ownCloud Server and Nextcloud Server are both a server version of one of them. A cross-site...

6.1CVSS6AI score0.01493EPSS
Exploits1References1
CNVD
CNVD
added 2017/03/30 12:0 a.m.7 views

Nextcloud Server and ownCloud Server Cross-Site Scripting Vulnerabilities

ownCloud is a free and open source personal cloud storage solution from German company ownCloud. nextcloud is an open source self-hosted file synchronization and sharing communication application platform. ownCloud Server and Nextcloud Server are both a server version of one of them. A cross-site...

5.4CVSS6.1AI score0.01118EPSS
Exploits1References1
CNVD
CNVD
added 2017/03/30 12:0 a.m.4 views

ownCloud Server and Nextcloud Server Security Bypass Vulnerability

ownCloud is a free and open source personal cloud storage solution from German company ownCloud. nextcloud is an open source self-hosted file synchronization and sharing communication application platform. ownCloud Server and Nextcloud Server are both a server version of one of them. A security...

4.3CVSS6.8AI score0.01874EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2017/03/28 2:59 a.m.25 views

CVE-2016-9464

Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on removing shares. The Sharing Backend as implemented in Nextcloud does differentiate between shares to users and groups. In case of a received group share, users should be able to unshare the file to themselv...

4.3CVSS5.8AI score0.01624EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2017/03/28 2:59 a.m.27 views

CVE-2016-9465

Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from Stored XSS in CardDAV image export. The CardDAV image export functionality as implemented in Nextcloud/ownCloud allows the download of images stored within a vCard. Due to not performing any kind of verification o...

5.4CVSS6.1AI score0.01118EPSS
Exploits1References7
Prion
Prion
added 2017/03/28 2:59 a.m.17 views

Cross site scripting

Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from Stored XSS in CardDAV image export. The CardDAV image export functionality as implemented in Nextcloud/ownCloud allows the download of images stored within a vCard. Due to not performing any kind of verification o...

3.5CVSS5.3AI score0.01118EPSS
Exploits1References6Affected Software2
OSV
OSV
added 2017/03/28 2:59 a.m.6 views

CVE-2016-9462

Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying restore privileges when restoring a file. The restore capability of Nextcloud/ownCloud was not verifying whether a user has only read-only access to a share. Thus a user with read-only access was able to...

4.3CVSS4.5AI score
Exploits0References9
OSV
OSV
added 2017/03/28 2:59 a.m.8 views

CVE-2016-9461

Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying edit check permissions on WebDAV copy actions. The WebDAV endpoint was not properly checking the permission on a WebDAV COPY action. This allowed an authenticated attacker with access to a read-only share to...

4.3CVSS6.3AI score
Exploits0References9
Cvelist
Cvelist
added 2017/03/28 2:46 a.m.24 views

CVE-2016-9463

Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9 suffer from SMB User Authentication Bypass. Nextcloud/ownCloud include an optional and not by default enabled SMB authentication component that allows authenticating users against an SMB server. This backen...

8.4AI score0.04095EPSS
Exploits1References9
CVE
CVE
added 2017/03/28 2:46 a.m.53 views

CVE-2016-9461

CVE-2016-9461 affects Nextcloud Server before 9.0.52 and ownCloud Server before 9.0.4. The vulnerability stems from improper verification of edit permissions on WebDAV COPY actions, where the WebDAV endpoint did not correctly check permissions during COPY. As a result, an authenticated attacker w...

4.3CVSS4.6AI score0.02EPSS
Exploits1References9Affected Software2
Cvelist
Cvelist
added 2017/03/28 2:46 a.m.25 views

CVE-2016-9464

Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on removing shares. The Sharing Backend as implemented in Nextcloud does differentiate between shares to users and groups. In case of a received group share, users should be able to unshare the file to themselv...

4.4AI score0.01624EPSS
Exploits1References7
CNVD
CNVD
added 2016/10/24 12:0 a.m.3 views

Nextcloud Server Cross-Site Scripting Vulnerability (CNVD-2016-10262)

Nextcloud is a suite of open source self-hosted file synchronization and sharing communication application platform. Nextcloud Server has a cross-site scripting vulnerability in Gallery due to Gallery failing to adequately handle exception messages. An attacker can exploit this vulnerability to...

5.8AI score
Exploits0References1
CNVD
CNVD
added 2016/10/24 12:0 a.m.3 views

Nextcloud Server Cross-Site Scripting Vulnerability

Nextcloud is a suite of open source self-hosted file synchronization and sharing communication application platform. Nextcloud Server has a cross-site scripting vulnerability in the CardDAV image output. An attacker can exploit this vulnerability to launch an XSS attack...

5.8AI score
Exploits0References1
Rows per page
Query Builder