PT-2024-35347 · Nextcloud · Nextcloud Tables

Name of the Vulnerable Software and Affected Versions: Nextcloud Tables versions prior to 0.8.1 Description: The issue concerns the sharing of table information in Nextcloud Tables, where the details about which table identified by a numeric ID is shared with specific groups and users, along with...

Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud has a security vulnerability that stems from an MD5 hash being used to check the uniqueness of background jobs. This increases the likelihood tha...

Nextcloud Mail 信息泄露漏洞

Nextcloud Mail is an email from Nextcloud Germany. An information disclosure vulnerability exists in Nextcloud Mail. An attacker who exploits this vulnerability by registering autoconfig.tld will have the email details used sent to the attacker's server...

Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud that stems from Nextcloud Tables allowing users to create tables with separate columns...

Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud suffers from a security vulnerability that stems from the fact that OAuth2 client secrets are stored in a recoverable manner so that an attacker...

Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud that stems from the fact that by directly specifying the ID of a table or view, a malicious user can blindly...

Nextcloud 信息泄露漏洞

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud suffers from an information disclosure vulnerability that stems from the fact that after setting up user- or administrator-defined external storage...

Nextcloud Mail 访问控制错误漏洞

Nextcloud Mail is an email from Nextcloud Germany. An access control error vulnerability exists in Nextcloud Mail that stems from allowing shared files without download permissions to be attached as attachments...

Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud that stems from a malicious user being able to upload a manipulated SVG file with a referenced path after an...

Nextcloud 资源管理错误漏洞

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud suffers from a resource management error vulnerability that stems from the fact that due to a pre-sent HEAD request, the link reference provider...

Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud suffers from a security vulnerability that stems from the fact that under certain circumstances, a user's password is stored in session data in a...

Nextcloud 授权问题漏洞

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud suffers from an authorization issue vulnerability that originates when an attacker gains access to a user or administrator session to create, change...

PT-2024-35349 · Nextcloud +1 · Nextcloud Desktop Client +1

Name of the Vulnerable Software and Affected Versions: Nextcloud Desktop Client versions prior to 3.14.2 Description: The issue concerns the Nextcloud Desktop Client, a tool used to synchronize files from Nextcloud Server with a computer. It was found that the Desktop client did not stop with an...

PT-2024-35351 · Nextcloud · Nextcloud User Oidc

Name of the Vulnerable Software and Affected Versions: Nextcloud User OIDC app versions prior to 6.1.0 Description: A malicious user could send a malformed login link that would redirect the user to a provided URL after successfully authenticating. This issue is related to the user oidc app, an...

Nextcloud 信息泄露漏洞

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud suffers from an information disclosure vulnerability that originates when a malicious user downloads attachments referenced in a text file without...

Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud that originates from a malicious user being able to send an incorrectly formatted login link that redirects th...

Nextcloud Desktop Client 信任管理问题漏洞

Nextcloud Desktop Client is an open source file synchronization and sharing tool from Nextcloud GmbH. A trust management issue vulnerability exists in Nextcloud Desktop Client that stems from the fact that if a manipulated server sends an empty initial signature, the desktop client does not stop...

PT-2024-35350 · Nextcloud · Nextcloud Tables

Name of the Vulnerable Software and Affected Versions: Nextcloud Tables versions prior to 0.8.0 Description: The issue allows a malicious user to insert new rows into tables they have no access to by directly specifying the ID of a table or view. Recommendations: For versions prior to 0.8.0,...

Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud that stems from the fact that when the server is configured to allow sharing only with users in their own grou...

PT-2024-9168 · Nextcloud +1 · Nextcloud Mail +1

Name of the Vulnerable Software and Affected Versions: Nextcloud Mail versions prior to 1.14.6 Nextcloud Mail versions prior to 1.15.4 Nextcloud Mail versions prior to 2.2.11 Nextcloud Mail versions prior to 3.6.3 Nextcloud Mail versions prior to 3.7.7 Nextcloud Mail versions prior to 4.0.0...