25 matches found
EUVD-2021-19534
Malware in sbrugna...
EUVD-2021-19511
Malware in sbrugna...
EUVD-2021-19512
Malware in sbrugna...
EUVD-2021-28289
Malicious code in bioql PyPI...
CVE-2021-32766
Nextcloud Text is an open source plaintext editing application which ships with the nextcloud server. In affected versions the Nextcloud Text application returned different error messages depending on whether a folder existed in a public link share. This is problematic in case the public link sha...
CVE-2021-32733
Nextcloud Text is a collaborative document editing application that uses Markdown. A cross-site scripting vulnerability is present in versions prior to 19.0.13, 20.0.11, and 21.0.3. The Nextcloud Text application shipped with Nextcloud server used a text/html Content-Type when serving files to...
Nextcloud: Attachments folder for Text app is accessible on Files Drop/Password protected shares
The Nextcloud Text app's attachments folder was found to be accessible on Files Drop/Password protected shares...
Nextcloud 代码问题漏洞
Nextcloud is an open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud server, which stems from a session handling regression between Nextcloud Server and the Nextcloud Text application tha...
PT-2023-8428 · Nextcloud +1 · Nextcloud Server +2
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 25.0.6 Nextcloud Server versions prior to 26.0.1 Description: A regression in the session handling between Nextcloud Server and the Nextcloud Text app prevented a correct destruction of the session on logout...
User session not correctly destroyed on logout
None...
SUSE CVE-2021-32734
Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, the Nextcloud Text application shipped with Nextcloud Server returned verbatim exception messages to the user. This could result in a full path disclosure on shared files. The issu...
SUSE CVE-2021-32766
Nextcloud Text is an open source plaintext editing application which ships with the nextcloud server. In affected versions the Nextcloud Text application returned different error messages depending on whether a folder existed in a public link share. This is problematic in case the public link sha...
SUSE CVE-2021-41233
Nextcloud text is a collaborative document editing using Markdown built for the nextcloud server. Due to an issue with the Nextcloud Text application, which is by default shipped with Nextcloud Server, an attacker is able to access the folder names of "File Drop". For successful exploitation an...
Nextcloud Information Disclosure Vulnerability (CNVD-2022-20155)
Nextcloud is a set of open source self-hosted file synchronization and sharing communication applications platform from Nextcloud Germany.A security vulnerability exists in Nextcloud Server, which is due to an issue with the Nextcloud Text application which is provided with Nextcloud Server by...
CVE-2021-41233 Missing authorization in Nextcloud text
Nextcloud text is a collaborative document editing using Markdown built for the nextcloud server. Due to an issue with the Nextcloud Text application, which is by default shipped with Nextcloud Server, an attacker is able to access the folder names of "File Drop". For successful exploitation an...
Nextcloud has an unspecified vulnerability (CNVD-2022-18419)
Nextcloud Text is an open source self-hosted file synchronization and sharing communication application platform from the German company Nextcloud. Nextcloud Text has a security vulnerability that could be exploited by attackers to enumerate folders in such shares...
CVE-2021-32766
Nextcloud Text is an open source plaintext editing application which ships with the nextcloud server. In affected versions the Nextcloud Text application returned different error messages depending on whether a folder existed in a public link share. This is problematic in case the public link sha...
CVE-2021-32766 Nextcloud Text app can disclose existence of folders in "File Drop" link share
Nextcloud Text is an open source plaintext editing application which ships with the nextcloud server. In affected versions the Nextcloud Text application returned different error messages depending on whether a folder existed in a public link share. This is problematic in case the public link sha...
CVE-2021-32766
CVE-2021-32766 affects Nextcloud Text (bundled with Nextcloud Server). The issue: in affected versions, error messages differ based on whether a folder exists in a public File Drop share, allowing an attacker with a valid File Drop link to enumerate folders/files. Impact is information disclosure...
Nextcloud 安全漏洞
Nextcloud Text is an open source self-hosted file synchronization and sharing communication application platform from the German company Nextcloud. Nextcloud Text has a security vulnerability that could be exploited by attackers to enumerate folders in such shares...