Lucene search
K

4993 matches found

Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.5 views

PT-2025-49297

Name of the Vulnerable Software and Affected Versions Nextcloud Deck versions prior to 1.12.7 Nextcloud Deck versions prior to 1.14.4 Nextcloud Deck versions prior to 1.15.1 Description Nextcloud Deck is a kanban style organization tool for personal planning and project organization integrated wi...

5.5CVSS6.5AI score0.00125EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.4 views

Nextcloud Desktop Client 访问控制错误漏洞

Nextcloud Desktop Client is an open source file synchronization and sharing tool from Nextcloud GmbH. An access control error vulnerability exists in Nextcloud Desktop Client versions prior to 1.14.6 and prior to 1.15.2, which stems from an error in the permissions logic and could lead to misuse ...

5.4CVSS6.4AI score0.00233EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.3 views

Nextcloud Tables 安全漏洞

Nextcloud Tables is a table application from Nextcloud Open Source. A security vulnerability exists in Nextcloud Tables versions prior to 0.8.6 and prior to 0.9.3, which stems from a malicious user being able to move columns to the victim table, potentially leading to data tampering...

6.3CVSS6.5AI score0.00206EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.4 views

PT-2025-49291

Name of the Vulnerable Software and Affected Versions Nextcloud Tables versions prior to 0.8.6 Nextcloud Tables versions prior to 0.9.3 Description A malicious user could create a table and move a column into another user's table. This action was possible in versions before 0.8.6 and 0.9.3...

6.3CVSS6.5AI score0.00206EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.5 views

PT-2025-49302

Name of the Vulnerable Software and Affected Versions Nextcloud Twofactor WebAuthn versions prior to 1.4.2 Nextcloud Twofactor WebAuthn versions prior to 2.4.1 Description A missing ownership check allows an attacker to remove a user's WebAuthn two-factor authentication device by correctly guessi...

4.3CVSS6.7AI score0.00226EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.6 views

PT-2025-49295

Name of the Vulnerable Software and Affected Versions Nextcloud Approval app versions prior to 1.3.1 Nextcloud Approval app versions prior to 2.5.0 Description The Nextcloud Approval app has an issue where an authenticated user, listed as a requester in a workflow, can set another user’s file to...

2.7CVSS6.3AI score0.00261EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.4 views

Team folders 安全漏洞

Team folders is a file sharing software from Nextcloud open source. A security vulnerability exists in Team folders versions prior to 14.0.11, 15.3.12, 16.0.15, 17.0.14, 18.1.8, 19.1.8, and 20.1.2, which stems from a read-only privileged user being able to restore files from the recycle bin,...

4.3CVSS6.5AI score0.0023EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.6 views

PT-2025-49301

Name of the Vulnerable Software and Affected Versions Nextcloud talk versions prior to 20.1.8 Nextcloud talk versions prior to 21.1.2 Description A participant with chat permissions could delete poll drafts of other participants within a conversation by using their numeric ID. This issue affects...

4.3CVSS6.5AI score0.00206EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.5 views

Nextcloud Tables 安全漏洞

Nextcloud Tables is an open source tables application from Nextcloud. A security vulnerability exists in Nextcloud Tables versions prior to 0.8.7 and prior to 0.9.4, which stems from an authenticated user being able to view metadata of other forms, potentially leading to information disclosure...

4.3CVSS6.1AI score0.00231EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.4 views

Nextcloud 跨站脚本漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A cross-site scripting vulnerability exists in Nextcloud versions prior to 5.5.4, prior to 6.0.6, and prior to 7.2.5, which stems from a malicious user bei...

5.4CVSS6AI score0.00204EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.4 views

Nextcloud Server 安全漏洞

Nextcloud Server is a Nextcloud server program open-sourced by Nextcloud. A security vulnerability exists in Nextcloud Server that stems from improper handling of group folder paths, which could lead to incomplete logging...

4.3CVSS6.3AI score0.00265EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.4 views

Nextcloud Server 安全漏洞

Nextcloud Server is a Nextcloud server program from Nextcloud Open Source. A security vulnerability exists in versions of Nextcloud Server prior to 31.0.1, which stems from a non-privileged user being able to modify file labels via bulk tagging, potentially resulting in elevated privileges...

4.3CVSS6.4AI score0.00238EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.4 views

Nextcloud Calendar 安全漏洞

Nextcloud Calendar is an open source calendar application from Nextcloud. A security vulnerability exists in Nextcloud Calendar versions prior to 4.7.19, prior to 5.5.6, and prior to 6.0.1, which stems from the calendar application allowing blind booking of meetings, which could lead to...

3.3CVSS6.3AI score0.00118EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.4 views

Nextcloud Server 安全漏洞

Nextcloud Server is a Nextcloud server program open-sourced by Nextcloud. A security vulnerability exists in Nextcloud Server that stems from improper access control of the contact search feature, which could lead to information disclosure...

4.9CVSS6.2AI score0.00297EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/05 12:0 a.m.4 views

Nextcloud Calendar 安全特征问题漏洞

Nextcloud Calendar is a Nextcloud open source calendar application. Nextcloud Calendar suffers from a security signature issue vulnerability that stems from an insecure way of generating meeting proposal participant tokens, which can be exploited by an attacker to cause the tokens to be computed...

6.5CVSS6.4AI score0.00246EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.7 views

PT-2025-49268

Name of the Vulnerable Software and Affected Versions Nextcloud Server and Enterprise Server versions prior to 31.0.1 Description Non-privileged users can modify tags on files they should not have access to through bulk tagging. This affects a self-hosted personal cloud system. Recommendations...

4.3CVSS6.5AI score0.00238EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.6 views

PT-2025-49269

Name of the Vulnerable Software and Affected Versions Nextcloud Server versions prior to 30.0.9 Nextcloud Server versions prior to 31.0.1 Description An issue exists in Nextcloud Server and Enterprise Server related to incorrect path handling with groupfolders. This resulted in the admin audit ap...

4.3CVSS6.4AI score0.00265EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.6 views

PT-2025-49289

Name of the Vulnerable Software and Affected Versions Nextcloud Calendar versions prior to 4.7.19 Nextcloud Calendar versions prior to 5.5.6 Nextcloud Calendar versions prior to 6.0.1 Description The Nextcloud Calendar application contained a flaw where appointments could be booked without knowin...

3.3CVSS6.4AI score0.00118EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.8 views

PT-2025-49300

Name of the Vulnerable Software and Affected Versions Nextcloud Contacts app versions prior to 5.5.4 Nextcloud Contacts app versions prior to 6.0.6 Nextcloud Contacts app versions prior to 7.2.5 Description A malicious user could modify the organisation and title fields to load additional CSS...

5.4CVSS6.5AI score0.00204EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.4 views

PT-2025-49265

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server prior to 31.0.10 and 32.0.1 and Nextcloud Enterprise Server prior to 28.0.14.11, 29.0.16.8, 30.0.17.3, and 31.0.10, contacts search allowed to retrieve personal data of other users emails, names, identifiers without prop...

4.5CVSS6.4AI score0.00297EPSS
Exploits0References4
Rows per page
Query Builder