4969 matches found
CVE-2020-8152
Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the public key to decrypt them later on...
Nextcloud Server Server-Side Encryption Keys Insufficiently Protected Vulnerability
Nextcloud is a set of client-server software for creating file hosting services and using them. Nextcloud Server 19.0.1 suffers from an insufficiently protected server-side encryption key vulnerability. An attacker could exploit the vulnerability by replacing the encryption key...
Nextcloud Server server-side encryption key underprotection vulnerability (CNVD-2020-66860)
Nextcloud is a set of client-server software for creating file hosting services and using them. A server-side insufficient encryption key protection vulnerability exists in Nextcloud Server 19.0.1. An attacker can exploit the vulnerability to replace the public key and decrypt the encryption key...
Nextcloud Server Encryption Vulnerability
Nextcloud is a set of client-server software for creating network hard disks.Nextcloud Server is the server. An encryption vulnerability exists in Nextcloud Server 19.0.1. An attacker could use this vulnerability to degrade the encryption scheme and compromise the integrity of encrypted files...
Nextcloud Server Encryption Block Password Phrase Generation Error Vulnerability
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A cryptographic block cipher phrase generation error vulnerability exists in Nextcloud Server 19.0.1. An attacker could exploit the vulnerability to overwrite...
CVE-2020-8133
A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file...
CVE-2020-8150
A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files...
CVE-2020-8150
A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files...
CVE-2020-8133
A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file...
Design/Logic Flaw
A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file...
Design/Logic Flaw
A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files...
CVE-2020-8133
A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file...
CVE-2020-8133
Nextcloud Server 19.0.1 vulnerability (CVE-2020-8133) arises from incorrect passphrase generation for the encrypted block, enabling an attacker to silently overwrite blocks within a file. Public sources (Nextcloud advisory NC-SA-2020-038) describe MAC-based encryption weaknesses that can be explo...
CVE-2020-8150
CVE-2020-8150 relates to Nextcloud Server 19.0.1 and describes a cryptographic downgrade where an attacker can degrade the encryption scheme and break the integrity of encrypted files. Public docs indicate this vulnerability affects Nextcloud Server 19.0.1 and is discussed in the NC-SA-2020-039 a...
CVE-2020-8150
A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files...
Nextcloud Server Encryption Issue Vulnerability
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server 18.0.4, which stems from too small a random character set being used for encryption, making decryption tim...
Nextcloud Server Authorization Issues Vulnerability (CNVD-2020-64589)
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An authorization issue vulnerability exists in Nextcloud Server 19.0.1, which stems from a misconfiguration that allows users to feel that a passwordless...
CVE-2020-8183
A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given on the initial create API call...
CVE-2020-8236
A wrong configuration in Nextcloud Server 19.0.1 incorrectly made the user feel the passwordless WebAuthn is also a two factor verification by asking for the PIN of the passwordless WebAuthn but not verifying it...
CVE-2020-8173
A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed decryption in shorter time than intended...