4969 matches found
Bypass of image blocking in Nextcloud Mail
None...
Lack of ratelimit on public DAV endpoint
None...
Lack of ratelimit on shareinfo endpoint
None...
Nextcloud Talk not properly disassociating users from chats after account deletion
None...
Application specific tokens can change their own scope
None...
Audit log is not properly logging unsetting of share expiration date
None...
Filenames not escaped by default in controllers using DownloadResponse
None...
Ratelimit not applied on OCS API responses
None...
Nextcloud 输入验证错误漏洞
An input validation error vulnerability exists in Nextcloud Server, which stems from the fact that DownloadResponse does not do security checks on uploaded file names, and could be exploited to trick users into downloading malicious files with normal file name...
Nextcloud 跨站脚本漏洞
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A cross-site scripting vulnerability exists in Nextcloud Text in versions prior to 19.0.13, 20.0.11 and 21.0.3. No detailed vulnerability details are availabl...
Nextcloud Talk 安全漏洞
Nextcloud Talk is a self-hosted local audio/video and chat communication service from Nextcloud Germany. A security vulnerability exists in versions prior to Nextcloud Talk 11.2.2, which stems from the fact that if a user is able to reuse a previously used username, they can access any chat...
Nextcloud 安全漏洞
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server versions prior to 19.0.13, 20.0.11, and 21.0.3, which stems from the audit logging feature failing to log...
Nextcloud 安全漏洞
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server versions prior to 19.0.13, 20.0.11, and 21.0.3, which stems from the fact that rate limiting in Nextcloud...
Nextcloud 安全漏洞
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An information disclosure vulnerability exists in Nextcloud Mail versions prior to 1.9.6, which stems from a privacy filter failing to filter images with the...
Nextcloud 信任管理问题漏洞
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. The Nextcloud Android Client prior to version 3.16.1 is vulnerable to a trust management issue that stems from the Nextcloud Android Client skipping a step th...
Nextcloud 安全漏洞
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability in Nextcloud Server in versions prior to 19.0.13, 20.011, and 21.0.3 can be exploited by an attacker to enumerate potentially valid...
Nextcloud 安全漏洞
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server versions prior to 19.0.13, 20.011, and 21.0.3, which can be exploited by an attacker to enumerate...
Nextcloud 权限许可和访问控制问题漏洞
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A permission permission and access control issue vulnerability exists in Nextcloud Server in versions prior to 19.0.13, 20.011, and 21.0.3, which stems from...
PT-2021-19869 · Nextcloud +2 · Nextcloud Server +2
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 19.0.13 Nextcloud Server versions prior to 20.0.11 Nextcloud Server versions prior to 21.0.3 Description: The issue is related to a lack of ratelimiting on the "shareinfo" endpoint, which may have allowed an...
PT-2021-19887 · Nextcloud +2 · Nextcloud Server +2
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 19.0.13 Nextcloud Server versions prior to 20.0.11 Nextcloud Server versions prior to 21.0.3 Description: The issue concerns the handling of webauthn tokens in Nextcloud Server. In affected versions, webauth...