4993 matches found
PT-2025-49297
Name of the Vulnerable Software and Affected Versions Nextcloud Deck versions prior to 1.12.7 Nextcloud Deck versions prior to 1.14.4 Nextcloud Deck versions prior to 1.15.1 Description Nextcloud Deck is a kanban style organization tool for personal planning and project organization integrated wi...
Nextcloud Desktop Client 访问控制错误漏洞
Nextcloud Desktop Client is an open source file synchronization and sharing tool from Nextcloud GmbH. An access control error vulnerability exists in Nextcloud Desktop Client versions prior to 1.14.6 and prior to 1.15.2, which stems from an error in the permissions logic and could lead to misuse ...
Nextcloud Tables 安全漏洞
Nextcloud Tables is a table application from Nextcloud Open Source. A security vulnerability exists in Nextcloud Tables versions prior to 0.8.6 and prior to 0.9.3, which stems from a malicious user being able to move columns to the victim table, potentially leading to data tampering...
PT-2025-49291
Name of the Vulnerable Software and Affected Versions Nextcloud Tables versions prior to 0.8.6 Nextcloud Tables versions prior to 0.9.3 Description A malicious user could create a table and move a column into another user's table. This action was possible in versions before 0.8.6 and 0.9.3...
PT-2025-49302
Name of the Vulnerable Software and Affected Versions Nextcloud Twofactor WebAuthn versions prior to 1.4.2 Nextcloud Twofactor WebAuthn versions prior to 2.4.1 Description A missing ownership check allows an attacker to remove a user's WebAuthn two-factor authentication device by correctly guessi...
PT-2025-49295
Name of the Vulnerable Software and Affected Versions Nextcloud Approval app versions prior to 1.3.1 Nextcloud Approval app versions prior to 2.5.0 Description The Nextcloud Approval app has an issue where an authenticated user, listed as a requester in a workflow, can set another user’s file to...
Team folders 安全漏洞
Team folders is a file sharing software from Nextcloud open source. A security vulnerability exists in Team folders versions prior to 14.0.11, 15.3.12, 16.0.15, 17.0.14, 18.1.8, 19.1.8, and 20.1.2, which stems from a read-only privileged user being able to restore files from the recycle bin,...
PT-2025-49301
Name of the Vulnerable Software and Affected Versions Nextcloud talk versions prior to 20.1.8 Nextcloud talk versions prior to 21.1.2 Description A participant with chat permissions could delete poll drafts of other participants within a conversation by using their numeric ID. This issue affects...
Nextcloud Tables 安全漏洞
Nextcloud Tables is an open source tables application from Nextcloud. A security vulnerability exists in Nextcloud Tables versions prior to 0.8.7 and prior to 0.9.4, which stems from an authenticated user being able to view metadata of other forms, potentially leading to information disclosure...
Nextcloud 跨站脚本漏洞
Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A cross-site scripting vulnerability exists in Nextcloud versions prior to 5.5.4, prior to 6.0.6, and prior to 7.2.5, which stems from a malicious user bei...
Nextcloud Server 安全漏洞
Nextcloud Server is a Nextcloud server program open-sourced by Nextcloud. A security vulnerability exists in Nextcloud Server that stems from improper handling of group folder paths, which could lead to incomplete logging...
Nextcloud Server 安全漏洞
Nextcloud Server is a Nextcloud server program from Nextcloud Open Source. A security vulnerability exists in versions of Nextcloud Server prior to 31.0.1, which stems from a non-privileged user being able to modify file labels via bulk tagging, potentially resulting in elevated privileges...
Nextcloud Calendar 安全漏洞
Nextcloud Calendar is an open source calendar application from Nextcloud. A security vulnerability exists in Nextcloud Calendar versions prior to 4.7.19, prior to 5.5.6, and prior to 6.0.1, which stems from the calendar application allowing blind booking of meetings, which could lead to...
Nextcloud Server 安全漏洞
Nextcloud Server is a Nextcloud server program open-sourced by Nextcloud. A security vulnerability exists in Nextcloud Server that stems from improper access control of the contact search feature, which could lead to information disclosure...
Nextcloud Calendar 安全特征问题漏洞
Nextcloud Calendar is a Nextcloud open source calendar application. Nextcloud Calendar suffers from a security signature issue vulnerability that stems from an insecure way of generating meeting proposal participant tokens, which can be exploited by an attacker to cause the tokens to be computed...
PT-2025-49268
Name of the Vulnerable Software and Affected Versions Nextcloud Server and Enterprise Server versions prior to 31.0.1 Description Non-privileged users can modify tags on files they should not have access to through bulk tagging. This affects a self-hosted personal cloud system. Recommendations...
PT-2025-49269
Name of the Vulnerable Software and Affected Versions Nextcloud Server versions prior to 30.0.9 Nextcloud Server versions prior to 31.0.1 Description An issue exists in Nextcloud Server and Enterprise Server related to incorrect path handling with groupfolders. This resulted in the admin audit ap...
PT-2025-49289
Name of the Vulnerable Software and Affected Versions Nextcloud Calendar versions prior to 4.7.19 Nextcloud Calendar versions prior to 5.5.6 Nextcloud Calendar versions prior to 6.0.1 Description The Nextcloud Calendar application contained a flaw where appointments could be booked without knowin...
PT-2025-49300
Name of the Vulnerable Software and Affected Versions Nextcloud Contacts app versions prior to 5.5.4 Nextcloud Contacts app versions prior to 6.0.6 Nextcloud Contacts app versions prior to 7.2.5 Description A malicious user could modify the organisation and title fields to load additional CSS...
PT-2025-49265
Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server prior to 31.0.10 and 32.0.1 and Nextcloud Enterprise Server prior to 28.0.14.11, 29.0.16.8, 30.0.17.3, and 31.0.10, contacts search allowed to retrieve personal data of other users emails, names, identifiers without prop...