15 matches found
CVE-2025-66549
Nextcloud Desktop is the desktop sync client for Nextcloud. Prior to 3.16.5, when trying to manually lock a file inside an end-to-end encrypted directory, the path of the file was sent to the server unencrypted, making it possible for administrators to see it in log files. This vulnerability is...
UBUNTU-CVE-2025-66549
Nextcloud Desktop is the desktop sync client for Nextcloud. Prior to 3.16.5, when trying to manually lock a file inside an end-to-end encrypted directory, the path of the file was sent to the server unencrypted, making it possible for administrators to see it in log files. This vulnerability is...
CVE-2025-66549
The CVE-2025-66549 entry concerns Nextcloud Desktop (the desktop sync client). Before version 3.16.5, locking a file inside an end-to-end encrypted directory would send the file’s path to the server unencrypted, allowing administrators to see it in logs. The root cause is unencrypted transmission...
CVE-2025-66549 Nextcloud Desktop discloses information when attempting to lock a file inside a end-to-end encrypted directory
Nextcloud Desktop is the desktop sync client for Nextcloud. Prior to 3.16.5, when trying to manually lock a file inside an end-to-end encrypted directory, the path of the file was sent to the server unencrypted, making it possible for administrators to see it in log files. This vulnerability is...
EUVD-2025-201462
Nextcloud Desktop is the desktop sync client for Nextcloud. Prior to 3.16.5, when trying to manually lock a file inside an end-to-end encrypted directory, the path of the file was sent to the server unencrypted, making it possible for administrators to see it in log files. This vulnerability is...
Nextcloud Desktop Client 安全漏洞
Nextcloud Desktop Client is an open source file synchronization and sharing tool from Nextcloud GmbH. A security vulnerability exists in Nextcloud Desktop Client versions prior to 3.16.5, which stems from the unencrypted sending of file paths in an end-to-end encrypted directory, which could lead...
CVE-2025-24583
Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 12 Step Meeting List: from n/a through = 3.16.5...
CVE-2025-24582
Insertion of Sensitive Information Into Sent Data vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Retrieve Embedded Sensitive Data.This issue affects 12 Step Meeting List: from n/a through = 3.16.5...
CVE-2025-24582 WordPress 12 Step Meeting List plugin <= 3.16.5 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Retrieve Embedded Sensitive Data.This issue affects 12 Step Meeting List: from n/a through = 3.16.5...
WordPress 12 Step Meeting List plugin <= 3.16.5 - Arbitrary Content Deletion vulnerability
Arbitrary Content Deletion vulnerability discovered by Mika in WordPress Plugin 12 Step Meeting List versions = 3.16.5...
WordPress 12 Step Meeting List plugin <= 3.16.5 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Mika in WordPress Plugin 12 Step Meeting List versions = 3.16.5...
WordPress plugin 12 Step Meeting List 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...
PT-2025-5421 · Unknown · Code For Recovery 12 Step Meeting List
Name of the Vulnerable Software and Affected Versions: Code for Recovery 12 Step Meeting List versions 3.16.5 and earlier Description: The issue allows the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. Recommendations: For versions 3.16.5 and...
PT-2025-49298
Name of the Vulnerable Software and Affected Versions Nextcloud Desktop versions prior to 3.16.5 Description Nextcloud Desktop is a desktop sync client for Nextcloud. Before version 3.16.5, the file path was transmitted unencrypted when attempting to manually lock a file within an end-to-end...
[SYSS-2014-012] FancyFon FAMOC - Session Fixation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-012 Products: FAMOC Vendor: FancyFon Affected Versions: 3.16.5 Tested Versions: 3.16.5 Vulnerability Type: Session Fixation CWE-384 Risk Level: Low Solution Status: Fixed Vendor Notification: 2014-12-19 Solution Date: 2015-01-...