M-Files Server 安全漏洞

The M-Files Server is a server belonging to the M-Files company’s M-Files system. Versions of the M-Files Server prior to 26.3 contained security vulnerabilities. These vulnerabilities stemmed from an outdated connection method used in the document collaborative editing feature, which allowed for...

EUVD-2023-29131

Malicious code in bioql PyPI...

CVE-2023-25159 Nextcloud Server previews are accessible without a watermark

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Office is a document collaboration app for the same platform. Nextcloud Server 24.0.x prior to 24.0.8 and 25.0.x prior to 25.0.1, Nextcloud Enterprise Server 24.0.x prior to 24.0.8 and...

CVE-2023-25159

CVE-2023-25159 affects Nextcloud Server and related components. Technical details from PT Security show the issue resides in OCFilesNodeFolder::getFullPath(), where improper validation/normalization can allow crafted paths to escape a user’s space, potentially overwriting other users’ data. Affec...

CVE-2023-25159 Nextcloud Server previews are accessible without a watermark

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Office is a document collaboration app for the same platform. Nextcloud Server 24.0.x prior to 24.0.8 and 25.0.x prior to 25.0.1, Nextcloud Enterprise Server 24.0.x prior to 24.0.8 and...

Microsoft SharePoint Elevation of Privilege Vulnerability (CNVD-2022-01686)

Microsoft Office Sharepoint Server is a U.S. Microsoft Microsoft company for enterprise customers and design, web-based content management and collaboration tools. The initial version of the software exists in the form of Office components, and now also still greatly dependent on Office to provid...

Etherpad Cross-Site Scripting Vulnerability

Etherpad is a web-based online document collaboration tool. Multiple users can write a text document simultaneously through Etherpad and see all participants' edits in real time.A cross-site scripting vulnerability exists in the chat component of Etherpad version 1.8.13, which can be exploited by...

ACLs not properly enforced in "documents" application - ownCloud

The "documents" application is a collaborative web-based online editor for ODT files. Using this application you can easily share and collaborate on office documents. This application uses strong and very long random "Session IDs" to limit access to specific resources. Knowledge of this ID allows...

EMC Documentum eRoom 7.33.498.98 Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple permanent cross-site scripting vulnerabilities product: EMC Documentum eRoom vulnerable version: 7.33.498.98 fixed version: 7.4.4 impact: high homepage:...

Microsoft Groove Server Installed

Microsoft Groove Server is installed on the remote host. This application is used to centrally manage deployments of Microsoft Office Groove and Microsoft SharePoint Workspace. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid49977; scriptversion"1.12";...

SharePoint Server 2019/Office Online Server

SharePoint Server 2019/Office Online Server...