1092 matches found
CVE-2025-66547 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2025-66552 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2025-14761 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-X8CP-JF6F-R4XH vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2025-14761 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-X8CP-JF6F-R4XH vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2025-64500 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-3RG7-WF37-54RM vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-3RG7-WF37-54RM vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2025-64500 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
Nextcloud Server IDOR Vulnerability (GHSA-h6j9-6xjq-44c4)
Nextcloud Server is prone to an Insecure Direct Object Reference IDOR vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2025-64011
Nextcloud Server 30.0.0 is vulnerable to an Insecure Direct Object Reference IDOR in the /core/preview endpoint. Any authenticated user can access previews of arbitrary files belonging to other users by manipulating the fileId parameter. This allows unauthorized disclosure of sensitive data, such...
EUVD-2025-203106
Nextcloud Server 30.0.0 is vulnerable to an Insecure Direct Object Reference IDOR in the /core/preview endpoint. Any authenticated user can access previews of arbitrary files belonging to other users by manipulating the fileId parameter. This allows unauthorized disclosure of sensitive data, such...
CVE-2025-64011
Nextcloud Server 30.0.0 is vulnerable to an Insecure Direct Object Reference (IDOR) in the /core/preview endpoint. An authenticated user can access previews of arbitrary files belonging to other users by manipulating the fileId parameter, enabling unauthorized disclosure of sensitive data (text, ...
CVE-2025-64011
Nextcloud Server 30.0.0 is vulnerable to an Insecure Direct Object Reference IDOR in the /core/preview endpoint. Any authenticated user can access previews of arbitrary files belonging to other users by manipulating the fileId parameter. This allows unauthorized disclosure of sensitive data, such...
CVE-2025-64011
Nextcloud Server 30.0.0 is vulnerable to an Insecure Direct Object Reference IDOR in the /core/preview endpoint. Any authenticated user can access previews of arbitrary files belonging to other users by manipulating the fileId parameter. This allows unauthorized disclosure of sensitive data, such...
PT-2025-50959
Name of the Vulnerable Software and Affected Versions Nextcloud Server version 30.0.0 Description Nextcloud Server 30.0.0 contains an Insecure Direct Object Reference IDOR issue in the /core/preview endpoint. An authenticated user can access previews of arbitrary files belonging to other users by...
Nextcloud Server 安全漏洞
Nextcloud Server is a Nextcloud server program from Nextcloud Open Source. A security vulnerability exists in Nextcloud Server version 30.0.0, which stems from the presence of an insecure direct object reference in the /core/preview endpoint that could lead to unauthorized access to sensitive dat...
SUSE CVE-2025-66512
Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server and Server Enterprise prior to 31.0.12 and 32.0.3, a missing sanitization allowed malicious users to circumvent the content security policy when a malicious user manages to trick a user it viewing an uploaded SVG outside...
Nextcloud Server Information Disclosure Vulnerability (GHSA-495w-cqv6-wr59)
Nextcloud Server is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...