77 matches found
Unspecified vulnerability in Nextcloud (CNVD-2021-51815)
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server that stems from a lack of privilege checking in Nextcloud Server, where tokens are able to change their ow...
Unspecified Vulnerability in Nextcloud (CNVD-2021-51800)
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An information disclosure vulnerability exists in Nextcloud Mail versions prior to 1.9.6, which stems from a privacy filter failing to filter images with the...
Unspecified Vulnerability in Nextcloud (CNVD-2021-51814)
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server versions prior to 19.0.13, 20.0.11, and 21.0.3, which stems from the audit logging feature failing to log...
Unspecified vulnerability in Nextcloud (CNVD-2021-51803)
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability in Nextcloud Server in versions prior to 19.0.13, 20.011, and 21.0.3 can be exploited by an attacker to enumerate potentially valid...
Unspecified Vulnerability in Nextcloud (CNVD-2021-51810)
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server versions prior to 19.0.13, 20.0.11, and 21.0.3, which stems from the fact that rate limiting in Nextcloud...
Unspecified vulnerability in Nextcloud (CNVD-2021-51795)
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server versions prior to 19.0.13, 20.011, and 21.0.3, which can be exploited by an attacker to enumerate...
Nextcloud 安全漏洞
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server versions prior to 19.0.13, 20.0.11, and 21.0.3, which stems from the fact that rate limiting in Nextcloud...
Nextcloud 安全漏洞
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server versions prior to 19.0.13, 20.011, and 21.0.3, which can be exploited by an attacker to enumerate...
Unspecified vulnerability in Nextcloud (CNVD-2021-39032)
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server that can be exploited by an attacker to send a user ID to a lookup server when the user is not set to a...
Unspecified Vulnerability in Nextcloud (CNVD-2021-39030)
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server that can be exploited by an attacker to access basic information about a server user by accessing a public...
Unspecified vulnerability in Nextcloud (CNVD-2021-39033)
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server, which stems from the fact that when a sharing user opens the sharing panel and attempts to delete the...
Unspecified Vulnerability in Nextcloud (CNVD-2021-39031)
Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server that stems from a public link that can be added as a federated file share. An attacker could use this...
PT-2021-15249 · Nextcloud +1 · Nextcloud +1
Name of the Vulnerable Software and Affected Versions: Nextcloud versions prior to 20.0.6 Description: A missing user check in Nextcloud inadvertently populates a user's own credentials for other users' external storage configuration when not already configured yet. Recommendations: For Nextcloud...
Nextcloud Server Server-Side Encryption Keys Insufficiently Protected Vulnerability
Nextcloud is a set of client-server software for creating file hosting services and using them. Nextcloud Server 19.0.1 suffers from an insufficiently protected server-side encryption key vulnerability. An attacker could exploit the vulnerability by replacing the encryption key...
CVE-2016-9465
Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from Stored XSS in CardDAV image export. The CardDAV image export functionality as implemented in Nextcloud/ownCloud allows the download of images stored within a vCard. Due to not performing any kind of verification o...
CVE-2016-9467
Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structure and use this to displa...
CVE-2016-9459
Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a log pollution vulnerability potentially leading to a local XSS. The download log functionality in the admin screen is delivering the log in JSON format to the end-user. The file was delivered with an attachment...