4993 matches found
[SECURITY] Fedora 39 Update: nextcloud-29.0.6-2.fc39
NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...
[SECURITY] Fedora 40 Update: nextcloud-29.0.6-2.fc40
NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...
Fedora: Security Advisory (FEDORA-2024-bdac6de5ee)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-296a0db958)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : nextcloud (2024-296a0db958)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-296a0db958 advisory. 29.0.6 release RHBZ2305125 RHBZ2309499 fixes CVE-2024-39338 Tenable has extracted the preceding description block directly from the Fedora security advisory...
Fedora 39 : nextcloud (2024-bdac6de5ee)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-bdac6de5ee advisory. 29.0.6 release RHBZ2305125 RHBZ2309499 fixes CVE-2024-39338 Tenable has extracted the preceding description block directly from the Fedora security advisory...
Nextcloud: Share information of Tables app is not limited to affected users
The vulnerability in the Tables app in Nextcloud allowed the sharing of information with users not affected by the vulnerability...
PT-2024-9166 · Nextcloud +2 · Nextcloud Server +2
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 28.0.10 Nextcloud Server versions prior to 29.0.7 Nextcloud Server versions prior to 30.0.0 Description: The issue is related to the use of a reversible one-way hash function in Nextcloud Server, which...
PT-2024-9154 · Nextcloud +1 · Nextcloud Enterprise Server +2
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 28.0.10 Nextcloud Server versions prior to 29.0.7 Nextcloud Enterprise Server versions prior to 27.1.11.8 Nextcloud Enterprise Server versions prior to 28.0.10 Nextcloud Enterprise Server versions prior to...
PT-2024-9158 · Nextcloud +1 · Nextcloud Enterprise Server +2
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 28.0.10 and prior to 29.0.7 Nextcloud Enterprise Server versions prior to 27.1.11.8, prior to 28.0.10, and prior to 29.0.7 Description: The issue is related to the insecure storage of confidential informatio...
Nextcloud: Nextcloud Tables app - inserting rows to an arbitrary table possible
The Nextcloud Tables app was found to have a vulnerability that allowed inserting rows to an arbitrary table. The vulnerability was disclosed in a security advisory...
PT-2024-9165 · Nextcloud +2 · Nextcloud Enterprise Server +3
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 22.2.11 Nextcloud Server versions prior to 23.0.11 Nextcloud Server versions prior to 24.0.6 Nextcloud Enterprise Server versions prior to 22.2.11 Nextcloud Enterprise Server versions prior to 23.0.11...
ROS-20231019-02
A vulnerability in Nextcloud cloud storage creation and utilization software is related to gaining write/read privileges on any file share. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges...
Nextcloud: X-E2EE-SIGNATURE verification can be bypassed, leading to loss of confidentiality of end-to-end encrypted files
The X-E2EE-SIGNATURE verification was found to be vulnerable, leading to the potential loss of confidentiality of end-to-end encrypted files...
The vulnerability of the Nextcloud Notes note-taking application, which allows a hacker to access confidential information
The vulnerability of the Nextcloud Notes note-taking application lies in the ability to share the Notes folder with a new user before he enters the system. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to confidential information...
The vulnerability of the files_versions() function in cloud-based software for creating and using Nextcloud Server allows a hacker to restore older versions of documents.
The vulnerability of the filesversions function in cloud-based software for creating and using Nextcloud Server storage involves the ability to restore older versions of documents, if the filesversions function is enabled. Exploiting this vulnerability could allow a malicious actor to restore old...
The vulnerability of cloud software in creating and using Nextcloud Server and Nextcloud Enterprise Server lies in the authentication procedures’ flaws, which allow attackers to bypass the authentication process.
The vulnerability of cloud-based software for creating and using Nextcloud Server and Nextcloud Enterprise Server is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to bypass the 2FA authentication process...
The vulnerability of the Delete component in the cloud software for creating and using Nextcloud Server’s data storage allows a attacker to cause a service failure.
The vulnerability of the “Delete” component in the cloud software for creating and using data storage for Nextcloud Server is related to lack of access control. Exploiting this vulnerability could allow an attacker to cause service interruptions...
The vulnerability of the Share component in the cloud software for creating and using Nextcloud Server’s data storage system allows a attacker to compromise the integrity of the data or cause service failures.
The vulnerability of the Share component in the cloud software for creating and using Nextcloud Server storage involves the sending of requests to delete old versions of files that could only be accessed with read permissions. Exploiting this vulnerability allows a malicious actor to compromise...
The vulnerability of cloud software for creating and using Nextcloud Server’s data storage solution allows a hacker to bypass the authentication process.
The vulnerability of cloud-based software for creating and using Nextcloud Server lies in accessing an active session of another user, by sending calls directly to the API without requiring a password confirmation. Exploiting this vulnerability allows a malicious actor to bypass the authenticatio...