9 matches found
ROS-20230913-02
Nextcloud server vulnerability is related to improper access control. Exploitation of the vulnerability could allow an attacker acting remotely to access files within a subfolder of an accessible group folder, even if extended permissions block access to the subfolder. of a group folder, even if...
CVE-2023-39959
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.9, 26.0.4, and 27.0.1, unauthenticated users could send a DAV request which reveals whether a calendar or an address book with the given identifier exists for...
Cross site request forgery (csrf)
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.9, 26.0.4, and 27.0.1, unauthenticated users could send a DAV request which reveals whether a calendar or an address book with the given identifier exists for...
CVE-2023-39959
CVE-2023-39959 affects Nextcloud Server. Unauthenticated users could send a DAV request to determine whether a calendar or address book with a given identifier exists on victims’ accounts. Affected are Nextcloud Server versions prior to 25.0.9, 26.0.4, and 27.0.1 (and corresponding Enterprise Ser...
CVE-2023-39959 Existence of calendars and address books can be checked by unauthenticated users
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.9, 26.0.4, and 27.0.1, unauthenticated users could send a DAV request which reveals whether a calendar or an address book with the given identifier exists for...
CVE-2023-39959 Existence of calendars and address books can be checked by unauthenticated users
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.9, 26.0.4, and 27.0.1, unauthenticated users could send a DAV request which reveals whether a calendar or an address book with the given identifier exists for...
Existance of calendars and addressbooks can be checked by unauthenticated users
None...
RedHat Update for httpd RHSA-2014:0370-01
Check for the Version of httpd OpenVAS Vulnerability Test RedHat Update for httpd RHSA-2014:0370-01 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
Apache Tomcat WebDav directory traversal
It's possible to retrieve file by aboslute path with LOCK DAV request...