4998 matches found
ROS-20260524-73-0046
Vulnerability in nextcloud related to authorization bypass through the use of a user-controlled key. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...
ROS-20260524-73-0054
Vulnerability in nextcloud related to the use of dangerous methods or features. Exploitation of the vulnerability could allow an attacker to directly access the memory of a computing device to which thunderbolt-enabled devices are connected...
ROS-20260524-73-0053
Vulnerability in nextcloud due to failure to take measures to protect web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
CVE-2026-44167 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-3QPQ-R242-JQJ7 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-44167 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-3QPQ-R242-JQJ7 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2026-44515
A flaw was found in Nextcloud News. An authenticated attacker could exploit this by providing a malicious feed URL that points to internal or private network addresses. This action causes the Nextcloud server to perform server-side HTTP requests to attacker-controlled destinations without relayin...
CVE-2026-44515
Nextcloud News is an RSS/Atom feed reader. Prior to 28.3.0-beta.1, Nextcloud News allows authenticated users to add feeds by providing a feed URL via the web interface or the API. In affected versions, an authenticated attacker could provide a URL pointing to internal/private IP ranges or...
CVE-2026-44515 Nextcloud News: Authenticated blind SSRF via feed URL
Nextcloud News is an RSS/Atom feed reader. Prior to 28.3.0-beta.1, Nextcloud News allows authenticated users to add feeds by providing a feed URL via the web interface or the API. In affected versions, an authenticated attacker could provide a URL pointing to internal/private IP ranges or...
CVE-2026-44515 Nextcloud News: Authenticated blind SSRF via feed URL
Nextcloud News is an RSS/Atom feed reader. Prior to 28.3.0-beta.1, Nextcloud News allows authenticated users to add feeds by providing a feed URL via the web interface or the API. In affected versions, an authenticated attacker could provide a URL pointing to internal/private IP ranges or...
CVE-2026-44515
Nextcloud News is an RSS/Atom feed reader. Prior to 28.3.0-beta.1, Nextcloud News allows authenticated users to add feeds by providing a feed URL via the web interface or the API. In affected versions, an authenticated attacker could provide a URL pointing to internal/private IP ranges or...
CVE-2026-44515
CVE-2026-44515 : Nextcloud News is vulnerable to blind SSRF in versions prior to 28.3.0-beta.1. An authenticated user can add feeds by URL, including internal/private IPs or localhost, causing the server to perform server-side HTTP requests to attacker-controlled destinations without relaying res...
Nextcloud News app 代码问题漏洞
The Nextcloud News app is an RSS/Atom news aggregator developed by Nextcloud as open source. Versions of the Nextcloud News app prior to 28.3.0-beta.1 contained code vulnerabilities. These vulnerabilities stemmed from the lack of verification of the feed URL provided by users, which could lead to...
PT-2026-40964
Nextcloud News is an RSS/Atom feed reader. Prior to 28.3.0-beta.1, Nextcloud News allows authenticated users to add feeds by providing a feed URL via the web interface or the API. In affected versions, an authenticated attacker could provide a URL pointing to internal/private IP ranges or...
fileId parameter reveals workflow associations in Nextcloud Approval app
None...
[SECURITY] Fedora 43 Update: nextcloud-33.0.3-1.fc43
NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...
[SECURITY] Fedora 42 Update: nextcloud-33.0.3-1.fc42
NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...
[SECURITY] Fedora 44 Update: nextcloud-33.0.3-1.fc44
NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...
Fedora 43 : nextcloud (2026-6599e30e04)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6599e30e04 advisory. 33.0.3 Release Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...