CVE-2023-28647 App pin of the iOS app can be bypassed in Nextcloud iOS

Nextcloud iOS is an ios application used to interface with the nextcloud home cloud ecosystem. In versions prior to 4.7.0 when an attacker has physical access to an unlocked device, they may enable the integration into the iOS Files app and bypass the Nextcloud pin/password protection and gain...

CVE-2023-28647 App pin of the iOS app can be bypassed in Nextcloud iOS

Nextcloud iOS is an ios application used to interface with the nextcloud home cloud ecosystem. In versions prior to 4.7.0 when an attacker has physical access to an unlocked device, they may enable the integration into the iOS Files app and bypass the Nextcloud pin/password protection and gain...

Ability to control the filename when uploading a logo or favicon as admin in the theming settings

None...

Insecure randomness for default password in file sharing when password policy app is disabled

None...

Scope of workflow operations is not validated

None...

App pin of the iOS app can be bypassed

None...

Reference fetch can saturate the server bandwidth for 10 seconds

None...

Potential share collision for recipients when caching is enabled

None...

Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud iOS versions prior to 4.7.0, which stems from the ability to bypass the app password of an iOS app...

Nextcloud 资源管理错误漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A resource management error vulnerability exists in Nextcloud versions 25.0.3 prior to 25.0.x. The vulnerability stems from an inefficient extraction...

Nextcloud Android app 安全漏洞

The Nextcloud Android app is an Android-based mobile application for accessing Nextcloud servers from Nextcloud Germany. A security vulnerability exists in Nextcloud android version 3.7.0 up to and including version 3.24.1, which stems from the ability to bypass Nextcloud Android Pin/passcode...

Nextcloud 安全特征问题漏洞

Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. Nextcloud suffers from a security signature issue vulnerability that stems from the weak complexity of the backup password generated when creating a share,...

Nextcloud 操作系统命令注入漏洞

Nextcloud is an open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An operating system command injection vulnerability exists in Nextcloud server, which stems from an unvalidated workflow scope of operation that results in the...

Nextcloud 代码问题漏洞

Nextcloud is an open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, a German company. A code issue vulnerability exists in Nextcloud server that stems from the ability to control file names when uploading a website icon as an administrator ...

PT-2023-21872 · Nextcloud · Nextcloud Ios

Name of the Vulnerable Software and Affected Versions: Nextcloud iOS versions prior to 4.7.0 Description: The issue affects the Nextcloud iOS application, which is used to interface with the Nextcloud home cloud ecosystem. When an attacker has physical access to an unlocked device, they may enabl...

PT-2023-2469 · Nextcloud +2 · Nextcloud Server +2

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 24.0.10 Nextcloud Server versions prior to 25.0.4 Description: The issue is related to the lack of restrictions on file uploads in the Nextcloud server, allowing administrators to upload a logo or favicon wi...

Nextcloud 安全漏洞

Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud Germany. A security vulnerability exists in Nextcloud serve, which stems from a sharing conflict that can occur in recipients when caching is enabled. Affected...

PT-2023-21871 · Nextcloud · Nextcloud Android App

Name of the Vulnerable Software and Affected Versions: Nextcloud Android versions 3.7.0 through 3.24.0 Description: The Nextcloud Android app has a security issue that allows an attacker with access to an unlocked physical device to bypass the Pin/passcode protection using a third-party app. This...

PT-2023-2468 · Nextcloud +2 · Nextcloud Server +2

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 24.0.10 Nextcloud Server versions prior to 25.0.4 Description: The issue is related to the generated fallback password when creating a share in Nextcloud Server, which uses a weak complexity random number...

Nextcloud: Notes attachments render HTML in preview mode

Vulnerability description not provided...