Lucene search
K

4998 matches found

Redos
Redos
added 2026/05/24 12:0 a.m.10 views

ROS-20260524-73-0046

Vulnerability in nextcloud related to authorization bypass through the use of a user-controlled key. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...

4.3CVSS5.8AI score0.00237EPSS
Exploits1
Redos
Redos
added 2026/05/24 12:0 a.m.9 views

ROS-20260524-73-0054

Vulnerability in nextcloud related to the use of dangerous methods or features. Exploitation of the vulnerability could allow an attacker to directly access the memory of a computing device to which thunderbolt-enabled devices are connected...

6.4CVSS5.8AI score0.00255EPSS
Exploits1
Redos
Redos
added 2026/05/24 12:0 a.m.11 views

ROS-20260524-73-0053

Vulnerability in nextcloud due to failure to take measures to protect web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

6.1CVSS6.2AI score0.00233EPSS
Exploits0
Wolfi
Wolfi
added 2026/05/21 1:48 a.m.17 views

CVE-2026-44167 vulnerabilities

Vulnerabilities for packages: nextcloud-server...

7.5CVSS5.8AI score0.00201EPSS
Exploits0
Wolfi
Wolfi
added 2026/05/21 1:48 a.m.14 views

GHSA-3QPQ-R242-JQJ7 vulnerabilities

Vulnerabilities for packages: nextcloud-server...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2026/05/21 1:18 a.m.21 views

CVE-2026-44167 vulnerabilities

Vulnerabilities for packages: nextcloud-server...

7.5CVSS5.8AI score0.00201EPSS
Exploits0
Chainguard
Chainguard
added 2026/05/21 1:18 a.m.10 views

GHSA-3QPQ-R242-JQJ7 vulnerabilities

Vulnerabilities for packages: nextcloud-server...

5.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/15 12:44 p.m.12 views

CVE-2026-44515

A flaw was found in Nextcloud News. An authenticated attacker could exploit this by providing a malicious feed URL that points to internal or private network addresses. This action causes the Nextcloud server to perform server-side HTTP requests to attacker-controlled destinations without relayin...

2.3CVSS5.8AI score0.00185EPSS
Exploits0References2
NVD
NVD
added 2026/05/14 5:16 p.m.12 views

CVE-2026-44515

Nextcloud News is an RSS/Atom feed reader. Prior to 28.3.0-beta.1, Nextcloud News allows authenticated users to add feeds by providing a feed URL via the web interface or the API. In affected versions, an authenticated attacker could provide a URL pointing to internal/private IP ranges or...

2.3CVSS0.00185EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 4:36 p.m.46 views

CVE-2026-44515 Nextcloud News: Authenticated blind SSRF via feed URL

Nextcloud News is an RSS/Atom feed reader. Prior to 28.3.0-beta.1, Nextcloud News allows authenticated users to add feeds by providing a feed URL via the web interface or the API. In affected versions, an authenticated attacker could provide a URL pointing to internal/private IP ranges or...

2.3CVSS0.00185EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/14 4:36 p.m.9 views

CVE-2026-44515 Nextcloud News: Authenticated blind SSRF via feed URL

Nextcloud News is an RSS/Atom feed reader. Prior to 28.3.0-beta.1, Nextcloud News allows authenticated users to add feeds by providing a feed URL via the web interface or the API. In affected versions, an authenticated attacker could provide a URL pointing to internal/private IP ranges or...

2.3CVSS5.8AI score0.00185EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 4:36 p.m.10 views

CVE-2026-44515

Nextcloud News is an RSS/Atom feed reader. Prior to 28.3.0-beta.1, Nextcloud News allows authenticated users to add feeds by providing a feed URL via the web interface or the API. In affected versions, an authenticated attacker could provide a URL pointing to internal/private IP ranges or...

2.3CVSS5.8AI score0.00185EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/14 4:36 p.m.26 views

CVE-2026-44515

CVE-2026-44515 : Nextcloud News is vulnerable to blind SSRF in versions prior to 28.3.0-beta.1. An authenticated user can add feeds by URL, including internal/private IPs or localhost, causing the server to perform server-side HTTP requests to attacker-controlled destinations without relaying res...

2.3CVSS5.8AI score0.00185EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.10 views

Nextcloud News app 代码问题漏洞

The Nextcloud News app is an RSS/Atom news aggregator developed by Nextcloud as open source. Versions of the Nextcloud News app prior to 28.3.0-beta.1 contained code vulnerabilities. These vulnerabilities stemmed from the lack of verification of the feed URL provided by users, which could lead to...

2.3CVSS5.9AI score0.00185EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.16 views

PT-2026-40964

Nextcloud News is an RSS/Atom feed reader. Prior to 28.3.0-beta.1, Nextcloud News allows authenticated users to add feeds by providing a feed URL via the web interface or the API. In affected versions, an authenticated attacker could provide a URL pointing to internal/private IP ranges or...

2.3CVSS5.8AI score0.00185EPSS
Exploits0References2
Nextcloud
Nextcloud
added 2026/05/12 8:23 a.m.16 views

fileId parameter reveals workflow associations in Nextcloud Approval app

None...

3.3CVSS5.8AI score0.0013EPSS
Exploits0References2Affected Software1
Fedora
Fedora
added 2026/05/11 1:3 a.m.27 views

[SECURITY] Fedora 43 Update: nextcloud-33.0.3-1.fc43

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

9.9CVSS6.4AI score0.01815EPSS
Exploits15
Fedora
Fedora
added 2026/05/10 3:23 a.m.39 views

[SECURITY] Fedora 42 Update: nextcloud-33.0.3-1.fc42

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

9.9CVSS6.5AI score0.01815EPSS
Exploits15
Fedora
Fedora
added 2026/05/10 2:55 a.m.33 views

[SECURITY] Fedora 44 Update: nextcloud-33.0.3-1.fc44

NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing rig ht on the web. NextCloud is extendable via a simple but powerful API...

9.9CVSS6.5AI score0.01815EPSS
Exploits15
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.7 views

Fedora 43 : nextcloud (2026-6599e30e04)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6599e30e04 advisory. 33.0.3 Release Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

9.9CVSS6.4AI score0.01815EPSS
Exploits15References13
Rows per page
Query Builder