CVE-2019-5455

Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process...

CVE-2019-5453

Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider...

Code injection

Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process...

Design/Logic Flaw

Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved...

Design/Logic Flaw

Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time...

CVE-2019-5451

CVE-2019-5451 concerns the Nextcloud Android app prior to version 3.6.1, where bypassing the lock protection allowed access to files by repeatedly opening/closing the app in quick succession. The vulnerability affects the Android client’s ability to enforce device/user authentication for local fi...

CVE-2019-5452

Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved...

CVE-2019-5452

The CVE-2019-5452 entry concerns the Nextcloud Android app prior to version 3.6.2, where bypassing lock protection allowed leakage of thumbnails via the Android content provider. Connected sources confirm: (1) affected software: Nextcloud Android app; (2) vulnerability type: bypass of lock protec...

CVE-2019-5453

Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider...

CVE-2019-5453

Summary: CVE-2019-5453 affects the Nextcloud Android app prior to 3.3.0. The issue is a bypass of the app’s lock protection, allowing access to files when prompted for lock and switching to the Nextcloud file provider. Multiple connected sources corroborate the vulnerability, including CNVD/NVD e...

CVE-2019-5455

Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process...

CVE-2019-5455

CVE-2019-5455 affects the Nextcloud Android app (v3.6.0). The issue allows bypassing the device lock protection during multi-account creation/abort, enabling the attacker to redirect to a default account without prompting for the lock pattern. Evidence includes a PoC described in the HackerOne re...

PT-2019-17684 · Nextcloud · Nextcloud Android App

Name of the Vulnerable Software and Affected Versions: Nextcloud Android app version 3.6.0 Description: The issue allows bypassing lock protection when creating a multi-account and aborting the process in the Nextcloud Android app. Recommendations: For Nextcloud Android app version 3.6.0, update ...

Bypass lock protection in Android app (NC-SA-2019-004)

Creating a fake multi-account and aborting the process would redirect the user to the default account of the device without asking for the lock pattern if one was set up...

CVE-2014-1380

The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input...

Input validation

The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input...

CVE-2014-1380

The Security - Keychain component in Apple OS X before 10.9.4 does not properly implement keystroke observers, which allows physically proximate attackers to bypass the screen-lock protection mechanism, and enter characters into an arbitrary window under the lock window, via keyboard input...