Lucene search
K

203 matches found

Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.3 views

PT-2026-23549

Name of the Vulnerable Software and Affected Versions OpenClaw Nextcloud Talk plugin versions prior to 2026.2.6 Description The Nextcloud Talk plugin allows attackers to bypass direct message DM and room allowlists. The plugin incorrectly uses the mutable actor.name field for allowlist validation...

10CVSS5.8AI score0.00489EPSS
Exploits0References18
RedhatCVE
RedhatCVE
added 2026/01/09 10:39 a.m.7 views

CVE-2022-35932

Nextcloud Talk is a video and audio conferencing app for Nextcloud. Prior to versions 12.2.7, 13.0.7, and 14.0.3, password protected conversations are susceptible to brute force attacks if the attacker has the link/conversation token. It is recommended that the Nextcloud Talk application is...

5.3CVSS6.9AI score0.0105EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:27 a.m.6 views

CVE-2023-45149

Nextcloud talk is a chat module for the Nextcloud server platform. In affected versions brute force protection of public talk conversation passwords can be bypassed, as there was an endpoint validating the conversation password without registering bruteforce attempts. It is recommended that the...

4.3CVSS6.9AI score0.0048EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/09 8:27 a.m.6 views

CVE-2025-66556

Nextcloud talk is a video & audio conferencing app for Nextcloud. Prior to 20.1.8 and 21.1.2, a participant with chat permissions was able to delete poll drafts of other participants within the conversation based on their numeric ID. This vulnerability is fixed in 20.1.8 and 21.1.2...

4.3CVSS6.7AI score0.00214EPSS
Exploits0References1
NVD
NVD
added 2025/12/05 6:15 p.m.7 views

CVE-2025-66556

Nextcloud talk is a video & audio conferencing app for Nextcloud. Prior to 20.1.8 and 21.1.2, a participant with chat permissions was able to delete poll drafts of other participants within the conversation based on their numeric ID. This vulnerability is fixed in 20.1.8 and 21.1.2...

4.3CVSS0.00214EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/05 5:56 p.m.7 views

EUVD-2025-201458

Nextcloud talk is a video & audio conferencing app for Nextcloud. Prior to 20.1.8 and 21.1.2, a participant with chat permissions was able to delete poll drafts of other participants within the conversation based on their numeric ID. This vulnerability is fixed in 20.1.8 and 21.1.2...

3.5CVSS6.2AI score0.00214EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/05 5:56 p.m.5 views

CVE-2025-66556 Nextcloud talk allows participants to blindly delete poll drafts of other users by ID

Nextcloud talk is a video & audio conferencing app for Nextcloud. Prior to 20.1.8 and 21.1.2, a participant with chat permissions was able to delete poll drafts of other participants within the conversation based on their numeric ID. This vulnerability is fixed in 20.1.8 and 21.1.2...

3.5CVSS6.3AI score0.00214EPSS
Exploits0References4
CVE
CVE
added 2025/12/05 5:56 p.m.15 views

CVE-2025-66556

Nextcloud Talk contains a vulnerability in which a participant with chat permissions could delete poll drafts belonging to other participants by ID. Affected software is Nextcloud Talk prior to versions 20.1.8 and 21.1.2. The issue is addressed by upgrading to 20.1.8 or 21.1.2 or later. The conne...

4.3CVSS6.3AI score0.00214EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/12/05 5:56 p.m.22 views

CVE-2025-66556 Nextcloud talk allows participants to blindly delete poll drafts of other users by ID

Nextcloud talk is a video & audio conferencing app for Nextcloud. Prior to 20.1.8 and 21.1.2, a participant with chat permissions was able to delete poll drafts of other participants within the conversation based on their numeric ID. This vulnerability is fixed in 20.1.8 and 21.1.2...

3.5CVSS0.00214EPSS
Exploits0References4
OSV
OSV
added 2025/12/05 5:56 p.m.5 views

CVE-2025-66556 Nextcloud talk allows participants to blindly delete poll drafts of other users by ID

Nextcloud talk is a video & audio conferencing app for Nextcloud. Prior to 20.1.8 and 21.1.2, a participant with chat permissions was able to delete poll drafts of other participants within the conversation based on their numeric ID. This vulnerability is fixed in 20.1.8 and 21.1.2...

3.5CVSS6.6AI score0.00214EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.6 views

PT-2025-49301

Name of the Vulnerable Software and Affected Versions Nextcloud talk versions prior to 20.1.8 Nextcloud talk versions prior to 21.1.2 Description A participant with chat permissions could delete poll drafts of other participants within a conversation by using their numeric ID. This issue affects...

4.3CVSS6.5AI score0.00214EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.6 views

Nextcloud Talk 安全漏洞

Nextcloud Talk is a self-hosted local audio/video and chat communication service from Nextcloud Germany. A security vulnerability exists in Nextcloud talk versions prior to 20.1.8 and prior to 21.1.2, which stems from the ability of a participant with chat privileges to delete drafts of other...

4.3CVSS6.2AI score0.00214EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2021-25595

Malware in sbrugna...

6.4CVSS6.4AI score0.01063EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-29061

Malware in sbrugna...

9.9CVSS7.2AI score0.01668EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-19485

Malware in sbrugna...

6.5CVSS6.5AI score0.00953EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-19493

Malware in sbrugna...

8.1CVSS6.5AI score0.01EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-6577

Malware in sbrugna...

4CVSS3.9AI score0.00766EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-49456

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.0048EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-41751

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.00547EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-29655

Malicious code in bioql PyPI...

6.1CVSS6.3AI score0.00897EPSS
Exploits1References3
Rows per page
Query Builder