38 matches found
EUVD-2021-22581
Malware in sbrugna...
EUVD-2021-19476
Malware in sbrugna...
EUVD-2021-19475
Malware in sbrugna...
EUVD-2022-52719
Malicious code in bioql PyPI...
EUVD-2022-52754
Malicious code in bioql PyPI...
CVE-2021-32656
Nextcloud Server is a Nextcloud package that handles data storage. A vulnerability in federated share exists in versions prior to 19.0.11, 20.0.10, and 21.0.2. An attacker can gain access to basic information about users of a server by accessing a public link that a legitimate server user added a...
ownCloud: Federated share permissions can be increased by recipient
The federated share permissions in Nextcloud allowed recipients to increase their permissions by sending a request to the server with the share token and ID, resulting in a security vulnerability...
GLSA-202208-17 : Nextcloud: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202208-17 Nextcloud: Multiple Vulnerabilities - Nextcloud Server is a Nextcloud package that handles data storage. Nextcloud Server versions prior to 19.0.11, 20.0.10, or 21.0.2 send user IDs to the lookup server even if the user...
CVE-2022-31120
Nextcloud server is an open source personal cloud solution. The audit log is used to get a full trail of the actions which has been incompletely populated. In affected versions federated share events were not properly logged which would allow brute force attacks to go unnoticed. This behavior...
CVE-2022-31120 Federated share accepting/declining is not logged in audit log in Nextcloud Server
Nextcloud server is an open source personal cloud solution. The audit log is used to get a full trail of the actions which has been incompletely populated. In affected versions federated share events were not properly logged which would allow brute force attacks to go unnoticed. This behavior...
CVE-2022-31120
Summary: CVE-2022-31120 affects Nextcloud Server. The issue is that federated share events were not properly logged in the audit log, enabling potential brute-force attempts to go unnoticed and exacerbating the impact of CVE-2022-31118. What’s affected: Nextcloud Server (versions before upgrades ...
CVE-2022-31120 Federated share accepting/declining is not logged in audit log in Nextcloud Server
Nextcloud server is an open source personal cloud solution. The audit log is used to get a full trail of the actions which has been incompletely populated. In affected versions federated share events were not properly logged which would allow brute force attacks to go unnoticed. This behavior...
CVE-2022-31120 Federated share accepting/declining is not logged in audit log in Nextcloud Server
Nextcloud server is an open source personal cloud solution. The audit log is used to get a full trail of the actions which has been incompletely populated. In affected versions federated share events were not properly logged which would allow brute force attacks to go unnoticed. This behavior...
Nextcloud 安全漏洞
Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud versions prior to 22.2.9, 23.0.6, and 24.0.2, which stems from an attacker being able to brute-force find out ...
PT-2022-20541 · Nextcloud +1 · Nextcloud Server +1
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 22.2.9 Nextcloud Server versions prior to 23.0.6 Nextcloud Server versions prior to 24.0.2 Description: The issue affects Nextcloud server, an open source personal cloud solution. An attacker could brute for...
Design/Logic Flaw
richdocuments is the repository for NextCloud Collabra, the app for Nextcloud Office collaboration. Prior to versions 6.0.0, 5.0.4, and 4.2.6, a user could be tricked into working against a remote Office by sending them a federated share. richdocuments versions 6.0.0, 5.0.4 and 4.2.6 contain a fi...
CVE-2021-35946
A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions...
CVE-2021-35946
A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions...
Design/Logic Flaw
A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions...
CVE-2021-35946
A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions...