4993 matches found
Test remote endpoint is not rate limited
None...
Second factor not requested after session timeout
None...
Nextcloud Desktop Client 访问控制错误漏洞
Nextcloud Desktop Client is an open source file synchronization and sharing tool from Nextcloud GmbH. An access control error vulnerability exists in versions prior to Nextcloud Desktop Client 3.15, which stems from a third-party application that can create linked shares via the socket API,...
PT-2025-21658
Name of the Vulnerable Software and Affected Versions: Nextcloud Desktop versions prior to 3.15 Description: The issue affects Nextcloud Desktop, allowing 3rd party applications to create link shares for almost all data via the socket API. These shares can then be sent to an external service...
Nextcloud 授权问题漏洞
Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An authorization issue vulnerability exists in Nextcloud versions prior to 29.0.15, prior to 30.0.9, and prior to 31.0.3, which stems from a session...
Nextcloud 访问控制错误漏洞
Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An access control error vulnerability exists in Nextcloud versions prior to 29.0.13, prior to 30.0.7, and prior to 31.0.1, which stems from an attacker bei...
Nextcloud 安全漏洞
Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud versions prior to 30.0.2, prior to 29.0.9, and prior to 28.0.1 that stems from a lack of quota checking and...
PT-2025-21656 · Nextcloud · Nextcloud Enterprise Server +1
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 29.0.15, 30.0.9, and 31.0.3 Nextcloud Enterprise Server versions prior to 26.0.13.15, 27.1.11.15, 28.0.14.6, 29.0.15, 30.0.9, and 31.0.3 Description: The issue concerns a bug in session handling. When the...
PT-2025-21657 · Nextcloud +1 · Nextcloud Enterprise Server +2
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 28.0.13 Nextcloud Server versions prior to 29.0.10 Nextcloud Server versions prior to 30.0.3 Nextcloud Enterprise Server versions prior to 28.0.13 Nextcloud Enterprise Server versions prior to 29.0.10...
PT-2025-21662 · Nextcloud · Nextcloud Enterprise Server +1
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 29.0.13, 30.0.7, and 31.0.1 Nextcloud Enterprise Server versions prior to 26.0.13.13, 27.1.11.13, 28.0.14.4, 29.0.13, 30.0.7, and 31.0.1 Description: The issue allows an attacker on a multi-user system to re...
Nextcloud 代码问题漏洞
Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A code issue vulnerability exists in Nextcloud versions prior to 28.0.13, prior to 29.0.10, and prior to 30.0.3, which stems from not properly securing a...
PT-2025-21661 · Nextcloud +1 · Nextcloud Enterprise Server +3
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 30.0.2 Nextcloud Server versions prior to 29.0.9 Nextcloud Server versions prior to 28.0.1 Nextcloud Enterprise Server versions prior to 30.0.2 Nextcloud Enterprise Server versions prior to 29.0.9 Nextcloud...
📄 Nextcloud Workflows Remote Code Execution
This Metasploit module adds workflows as an authenticated user which can only be created by administrators by design. If the app "Nextcloud Workflow Script" is installed it is possible to generate a workflow that executes commands. This module requires Metasploit: https://metasploit.com/download...
Nextcloud: Tables app allowed users to view columns metadata information of any table
The Tables app allowed users to view columns metadata information of any table...
The vulnerability of the NextCloud calendar application, a cloud-based software for creating and using NextCloud storage, relates to improper authentication procedures. This vulnerability allows attackers to bypass authentication checks.
The vulnerability of the Nextcloud calendar application, a cloud-based software for creating and using Nextcloud data storage, is related to improper authentication procedures. Exploiting this vulnerability allows an attacker to bypass authentication checks remotely...
ROS-20250417-01
A vulnerability in the Nextcloud calendar cloud software application for creating and utilizing the Nextcloud Nextcloud data warehouse is related to disclosure of internal website paths when the SMTP server is unavailable. Exploitation of the vulnerability could allow an attacker acting remotely ...
[SECURITY] Fedora 42 Update: nextcloud-31.0.2-1.fc42
NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...
The vulnerability of the Nextcloud calendar application, a cloud-based software for creating and using Nextcloud data storage, stems from incorrect neutralization of special elements in the output data. This allows attackers to inject arbitrary SMTP commands.
The vulnerability of the Nextcloud calendar application, a cloud-based software for creating and using Nextcloud data storage, is related to incorrect elimination of certain elements in the output data. Exploiting this vulnerability allows an attacker to inject arbitrary SMTP commands remotely...
[SECURITY] Fedora 40 Update: nextcloud-31.0.2-2.fc40
NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...
[SECURITY] Fedora 41 Update: nextcloud-31.0.2-1.fc41
NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...