Can reshare read&share only folder with more permissions

None...

Events information leaked with shared calendars on recurrence exceptions

None...

ID4me does not validate signature or expiration

None...

Code injection in Nextcloud Desktop Client for macOS

None...

Users can delete old versions of read-only shared files

None...

Can access comments and attachments of deleted cards

None...

Notes app can be tricked into using a received share created before the user logged in

None...

Read-only users can restore old versions

None...

Missing permission check when removing a photo from an album

None...

Ability to by-pass second factor

None...

ID4me feature of OpenID connect app available even when disabled

None...

PT-2024-4382 · Nextcloud +2 · Nextcloud Enterprise Server +3

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 26.0.12 Nextcloud Server versions prior to 27.1.7 Nextcloud Server versions prior to 28.0.3 Nextcloud Enterprise Server versions prior to 26.0.12 Nextcloud Enterprise Server versions prior to 27.1.7 Nextclou...

Nextcloud Security Breach

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Deck versions prior to 1.6.6, prior to 1.7.5, prior to 1.8.7, prior to 1.9.6, prior to 1.11.3, and prior to...

PT-2024-27809 · Nextcloud · Nextcloud Deck

Name of the Vulnerable Software and Affected Versions: Nextcloud Deck versions prior to 1.6.6 Nextcloud Deck versions prior to 1.7.5 Nextcloud Deck versions prior to 1.8.7 Nextcloud Deck versions prior to 1.9.6 Nextcloud Deck versions prior to 1.11.3 Nextcloud Deck versions prior to 1.12.1...

Nextcloud 安全漏洞

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud suffers from an Access Control Error vulnerability that stems from a lack of access control, which can be exploited by an attacker to register an...

Nextcloud Security Breach

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud suffers from a security vulnerability that stems from the possibility that an attacker could trick the application into accepting requests that a...

Nextcloud 安全漏洞

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud Photos suffers from a security vulnerability that stems from the ability for users to delete photos from registered users' albums. No details of the...

Nextcloud 安全漏洞

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Calendar, which can be exploited by an authenticated attacker to create attachments that link to other websites v...

PT-2024-4381 · Nextcloud +2 · Nextcloud Server +3

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 26.0.12 Nextcloud Server versions prior to 27.1.7 Nextcloud Server versions prior to 28.0.3 Nextcloud Enterprise Server versions prior to 23.0.12.16 Nextcloud Enterprise Server versions prior to 24.0.12.12...

Nextcloud Security Breach

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server that stems from a duplicate exception where a sharer can read privately shared calendar events...