4999 matches found
[SECURITY] Fedora 42 Update: qownnotes-26.1.7-4.fc42
QOwnNotes is the open source notepad with Markdown support and todo list mana ger for GNU/Linux, macOS and Windows, that works together with Nextcloud Notes and ownCloud Notes. You are able to write down your thoughts with QOwnNotes and edit or search for them later from your mobile device, like...
ROS-20260129-73-0046
Vulnerability in nextcloud related to flaws in access to personal information. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...
ROS-20260129-73-0045
Vulnerability in nextcloud related to bugs in security settings. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260129-73-0048
Vulnerability in nextcloud-app-calendar related to improper handling of an unexpected data type. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260129-73-0047
Vulnerability in nextcloud related to authorization bypass through the use of a user-controlled key. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...
ROS-20260129-73-0050
Vulnerability in nextcloud-app-contacts related to failure to take measures to protect web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20260129-73-0049
Vulnerability in nextcloud-app-calendar related to the use of insufficiently randomized values. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...
CVE-2025-66552 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2025-66547 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
[SECURITY] Fedora 43 Update: qownnotes-26.1.7-4.fc43
QOwnNotes is the open source notepad with Markdown support and todo list mana ger for GNU/Linux, macOS and Windows, that works together with Nextcloud Notes and ownCloud Notes. You are able to write down your thoughts with QOwnNotes and edit or search for them later from your mobile device, like...
Nextcloud: View-only guests could see deleted Collectives pages in the trashbin
A vulnerability was discovered where view-only guests could see deleted Collectives pages in the trashbin...
Nextcloud: IDOR on ██████ via direct photo URL leads to unauthorized access to deleted and other users' photos
Summary: An Insecure Direct Object Reference IDOR vulnerability exists in the application that allows unauthorized access to photos belonging to other users. The application does not properly validate whether the logged-in user is authorized to access a photo when accessing it via direct URL. Thi...
PT-2026-23549
Name of the Vulnerable Software and Affected Versions OpenClaw Nextcloud Talk plugin versions prior to 2026.2.6 Description The Nextcloud Talk plugin allows attackers to bypass direct message DM and room allowlists. The plugin incorrectly uses the mutable actor.name field for allowlist validation...
Nextcloud: Private circle can be added to another circle via API despite visibility restriction
A vulnerability was discovered where private circles could be added to other circles via the API, despite visibility restrictions...
CVE-2025-14761 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-X8CP-JF6F-R4XH vulnerabilities
Vulnerabilities for packages: nextcloud-server...
GHSA-X8CP-JF6F-R4XH vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2025-14761 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
CVE-2021-22912
Nextcloud iOS before 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a global search has been explicitly chosen by the user...
CVE-2021-22913
Nextcloud Deck before 1.2.7, 1.4.1 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only the local Nextcloud server unless a global search has been explicitly chosen by the user...