[SECURITY] Fedora 34 Update: nextcloud-20.0.11-1.fc34

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

openSUSE: Security Advisory for nextcloud (openSUSE-SU-2021:1068-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE 15 Security Update : nextcloud (openSUSE-SU-2021:1068-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1068-1 advisory. - A missing input validation in Nextcloud Server before 20.0.2, 19.0.5, 18.0.11 allows users to store unlimited data in workflow rules...

Security update for nextcloud (important)

openSUSE Security Update: Security update for nextcloud Announcement ID: openSUSE-SU-2021:1068-1 Rating: important References: 1181445 1181803 1181804 1188247 1188248 1188249 1188250 1188251 1188252 1188253 1188254 1188255 1188256 Cross-References: CVE-2020-8293 CVE-2020-8294 CVE-2020-8295...

OPENSUSE-SU-2021:1068-1 Security update for nextcloud

This update for nextcloud fixes the following issues: nextcloud was updated to 20.0.11: - Fix boo1188247 - CVE-2021-32678: OCS API response ratelimits are not applied - Fix boo1188248 - CVE-2021-32679: filenames where not escaped by default in controllers using DownloadResponse - Fix boo1188249 -...

[ASA-202107-41] nextcloud-app-mail: information disclosure

Arch Linux Security Advisory ASA-202107-41 ========================================== Severity: Low Date : 2021-07-20 CVE-ID : CVE-2021-32707 Package : nextcloud-app-mail Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-2145 Summary ======= The package...

Nextcloud: Lack of bruteforce protection for TOTP 2FA

Vulnerability description not provided...

Nextcloud Server Multiple Vulnerabilities (Jul 2021)

Nextcloud Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nextcloud:nextcloudserver"...

Unspecified vulnerability in Nextcloud (CNVD-2021-51815)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server that stems from a lack of privilege checking in Nextcloud Server, where tokens are able to change their ow...

Unspecified Vulnerability in Nextcloud (CNVD-2021-51814)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server versions prior to 19.0.13, 20.0.11, and 21.0.3, which stems from the audit logging feature failing to log...

Unspecified Vulnerability in Nextcloud (CNVD-2021-51810)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server versions prior to 19.0.13, 20.0.11, and 21.0.3, which stems from the fact that rate limiting in Nextcloud...

Unspecified vulnerability in Nextcloud (CNVD-2021-51803)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability in Nextcloud Server in versions prior to 19.0.13, 20.011, and 21.0.3 can be exploited by an attacker to enumerate potentially valid...

Unspecified Vulnerability in Nextcloud (CNVD-2021-51800)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An information disclosure vulnerability exists in Nextcloud Mail versions prior to 1.9.6, which stems from a privacy filter failing to filter images with the...

Unspecified Vulnerability in Nextcloud (CNVD-2021-51799)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server versions prior to 19.0.13, 20.011, and 21.0.3, which stems from the fact that the webauthn token is not...

Unspecified vulnerability in Nextcloud (CNVD-2021-51795)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server versions prior to 19.0.13, 20.011, and 21.0.3, which can be exploited by an attacker to enumerate...

Nextcloud Cross-Site Scripting Vulnerability (CNVD-2021-51801)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A cross-site scripting vulnerability exists in Nextcloud Text in versions prior to 19.0.13, 20.0.11 and 21.0.3. No detailed vulnerability details are availabl...

Nextcloud Permission License and Access Control Issues Vulnerabilities

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A permission permission and access control issue vulnerability exists in Nextcloud Server in versions prior to 19.0.13, 20.011, and 21.0.3, which stems from...

Nextcloud Information Disclosure Vulnerability (CNVD-2021-51797)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An information disclosure vulnerability exists in Nextcloud Server in versions prior to 19.0.13, 20.011, and 21.0.3, which could result in the full path of a...

Unspecified Vulnerability in Nextcloud (CNVD-2021-51796)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability in Nextcloud Server in versions prior to 19.0.13, 20.011, and 21.0.3 can be exploited by an attacker to enumerate potentially valid...

Nextcloud Trust Management Issues Vulnerability (CNVD-2021-51798)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. The Nextcloud Android Client prior to version 3.16.1 is vulnerable to a trust management issue that stems from the Nextcloud Android Client skipping a step th...