XSS in SVG images when opened outside of Nextcloud

None...

EUVD-2024-45935

Malicious code in bioql PyPI...

EUVD-2024-36868

Malicious code in bioql PyPI...

EUVD-2024-45930

Malicious code in bioql PyPI...

Bypass group folder quota limit using attachment in text file

None...

Test remote endpoint is not rate limited

None...

Second factor not requested after session timeout

None...

CVE-2023-25817 Delete permissions are not saved when creating public share in Nextcloud server

Nextcloud server is an open source, personal cloud implementation. In versions from 24.0.0 and before 24.0.9 a user could escalate their permissions to delete files they were not supposed to deletable but only viewed or downloaded. This issue has been addressed andit is recommended that the...

Missing length validation of user displayname allows to generate an SQL error

None...

User enumeration setting not obeyed in User Status API

None...

Two-Factor Authentication not enforced for pages marked as public

None...

Lack of ratelimit on public DAV endpoint

None...