Lucene search
K

13 matches found

Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-55664 Grist: Insufficient access control in the /forms endpoint exposes table metadata

Grist is spreadsheet software using Python as its formula language. Prior to 1.7.15, the GET /forms endpoint read table and column metadata without applying the document's access rules and did not check that the requested section was actually a form. A user with only partial read access, includin...

4.3CVSS0.00243EPSS
Exploits0References3
CVE
CVE
added 5 days ago7 views

CVE-2026-55664

Summary: Grist ≤ 1.7.14 permits reading table/column metadata via GET /forms without enforcing document access rules, potentially exposing widget metadata even in documents with no forms. Impact (as stated): A user with partial read access (including public access on a public document) could reve...

4.3CVSS6.1AI score0.00243EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/09 8:27 a.m.7 views

CVE-2025-66553

Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.7 and 0.9.4, authenticated users were able to view meta data of columns in other tables of the Tables app by modifying the numeric ID in a request. This vulnerability is fixed in 0.8.7 and 0.9.4...

4.3CVSS6.5AI score0.0024EPSS
Exploits0References1
NVD
NVD
added 2025/12/05 6:15 p.m.23 views

CVE-2025-66553

Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.7 and 0.9.4, authenticated users were able to view meta data of columns in other tables of the Tables app by modifying the numeric ID in a request. This vulnerability is fixed in 0.8.7 and 0.9.4...

4.3CVSS0.0024EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/05 5:18 p.m.3 views

CVE-2025-66553 Nextcloud Tables app allowed users to view columns metadata information of any table

Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.7 and 0.9.4, authenticated users were able to view meta data of columns in other tables of the Tables app by modifying the numeric ID in a request. This vulnerability is fixed in 0.8.7 and 0.9.4...

4.3CVSS6.1AI score0.0024EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/05 5:18 p.m.23 views

CVE-2025-66553 Nextcloud Tables app allowed users to view columns metadata information of any table

Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.7 and 0.9.4, authenticated users were able to view meta data of columns in other tables of the Tables app by modifying the numeric ID in a request. This vulnerability is fixed in 0.8.7 and 0.9.4...

4.3CVSS0.0024EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/05 5:18 p.m.7 views

EUVD-2025-201430

Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.7 and 0.9.4, authenticated users were able to view meta data of columns in other tables of the Tables app by modifying the numeric ID in a request. This vulnerability is fixed in 0.8.7 and 0.9.4...

4.3CVSS6AI score0.0024EPSS
Exploits0References4
CVE
CVE
added 2025/12/05 5:18 p.m.23 views

CVE-2025-66553

Summary: Nextcloud Tables prior to 0.8.7 and 0.9.4 allows authenticated users to view column metadata of other tables by altering the numeric ID in a request, causing information disclosure. The issue is fixed in 0.8.7 and 0.9.4. Remediation: upgrade Nextcloud Tables to version 0.8.7 or later, or...

4.3CVSS6.1AI score0.0024EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/12/05 5:18 p.m.10 views

CVE-2025-66553 Nextcloud Tables app allowed users to view columns metadata information of any table

Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.7 and 0.9.4, authenticated users were able to view meta data of columns in other tables of the Tables app by modifying the numeric ID in a request. This vulnerability is fixed in 0.8.7 and 0.9.4...

4.3CVSS6.5AI score0.0024EPSS
Exploits0References6
Nextcloud
Nextcloud
added 2025/12/05 7:54 a.m.25 views

Tables app allowed users to view columns metadata information of any table

None...

4.3CVSS5.2AI score0.0024EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.19 views

PT-2025-49292

Name of the Vulnerable Software and Affected Versions Nextcloud Tables versions prior to 0.8.7 Nextcloud Tables versions prior to 0.9.4 Description Authenticated users could view metadata of columns in other tables within the Tables app by manipulating the numeric ID in a request. This allowed...

4.3CVSS6.2AI score0.0024EPSS
Exploits0References7
Fedora
Fedora
added 2025/10/03 1:17 a.m.7 views

[SECURITY] Fedora 41 Update: sqlite-3.46.1-5.fc41

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

9.8CVSS7.2AI score0.73495EPSS
Exploits3
Fedora
Fedora
added 2025/10/01 2:45 p.m.8 views

[SECURITY] Fedora 42 Update: sqlite-3.47.2-5.fc42

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

7.7CVSS7.2AI score0.73495EPSS
Exploits3
Rows per page
Query Builder