Lucene search
K

4993 matches found

NVD
NVD
added 2019/07/30 9:15 p.m.22 views

CVE-2019-5450

Improper sanitization of HTML in directory names in the Nextcloud Android app prior to version 3.7.0 allowed to style the directory name in the header bar when using basic HTML...

6.8CVSS6.4AI score0.00495EPSS
Exploits1References1
OSV
OSV
added 2019/07/30 9:15 p.m.14 views

CVE-2019-5455

Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process...

6.8CVSS6.8AI score
Exploits0References1
Prion
Prion
added 2019/07/30 9:15 p.m.16 views

Design/Logic Flaw

Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time...

2.1CVSS4.7AI score0.00385EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/07/30 9:15 p.m.20 views

Design/Logic Flaw

A missing check in the Nextcloud Server prior to version 15.0.1 causes leaking of calendar event names when adding or modifying confidential or private events...

4CVSS4.6AI score0.00854EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/07/30 9:15 p.m.24 views

Sql injection

SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account...

7.5CVSS9.2AI score0.02019EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/07/30 9:15 p.m.13 views

Code injection

Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process...

4.6CVSS6.5AI score0.00463EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2019/07/30 9:15 p.m.15 views

Design/Logic Flaw

Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved...

2.1CVSS4AI score0.00434EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2019/07/30 9:15 p.m.18 views

Hardcoded credentials

Improper sanitization of HTML in directory names in the Nextcloud Android app prior to version 3.7.0 allowed to style the directory name in the header bar when using basic HTML...

4.6CVSS6.4AI score0.00495EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2019/07/30 9:15 p.m.15 views

Design/Logic Flaw

Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider...

3.6CVSS6.2AI score0.00469EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/07/30 8:36 p.m.58 views

CVE-2019-5449

CVE-2019-5449 affects Nextcloud Server prior to 15.0.1. A missing check allows leaking calendar event names when adding or modifying confidential or private events. Multiple connected sources confirm an information disclosure vulnerability in Nextcloud Server before 15.0.1. Impact is information ...

4.3CVSS4.6AI score0.00854EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/07/30 8:36 p.m.27 views

CVE-2019-5449

A missing check in the Nextcloud Server prior to version 15.0.1 causes leaking of calendar event names when adding or modifying confidential or private events...

4.5AI score0.00854EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/07/30 8:35 p.m.21 views

CVE-2019-5450

Improper sanitization of HTML in directory names in the Nextcloud Android app prior to version 3.7.0 allowed to style the directory name in the header bar when using basic HTML...

6.5AI score0.00495EPSS
Exploits1References1
CVE
CVE
added 2019/07/30 8:35 p.m.59 views

CVE-2019-5450

The CVE-2019-5450 entry concerns the Nextcloud Android app prior to version 3.7.0, where improper sanitization of HTML in directory names allowed styling in the header bar via basic HTML. Connected sources corroborate this as a Nextcloud Android client issue and include a public report describing...

6.8CVSS6.4AI score0.00495EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/07/30 8:33 p.m.25 views

CVE-2019-5451

Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time...

4.7AI score0.00385EPSS
Exploits0References1
CVE
CVE
added 2019/07/30 8:33 p.m.56 views

CVE-2019-5451

CVE-2019-5451 concerns the Nextcloud Android app prior to version 3.6.1, where bypassing the lock protection allowed access to files by repeatedly opening/closing the app in quick succession. The vulnerability affects the Android client’s ability to enforce device/user authentication for local fi...

4.6CVSS4.6AI score0.00385EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/07/30 8:32 p.m.18 views

CVE-2019-5452

Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved...

3.7AI score0.00434EPSS
Exploits1References1
CVE
CVE
added 2019/07/30 8:32 p.m.53 views

CVE-2019-5452

The CVE-2019-5452 entry concerns the Nextcloud Android app prior to version 3.6.2, where bypassing lock protection allowed leakage of thumbnails via the Android content provider. Connected sources confirm: (1) affected software: Nextcloud Android app; (2) vulnerability type: bypass of lock protec...

2.4CVSS3.8AI score0.00434EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/07/30 8:30 p.m.27 views

CVE-2019-5453

Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider...

6.2AI score0.00469EPSS
Exploits1References1
CVE
CVE
added 2019/07/30 8:30 p.m.54 views

CVE-2019-5453

Summary: CVE-2019-5453 affects the Nextcloud Android app prior to 3.3.0. The issue is a bypass of the app’s lock protection, allowing access to files when prompted for lock and switching to the Nextcloud file provider. Multiple connected sources corroborate the vulnerability, including CNVD/NVD e...

6.1CVSS6.2AI score0.00469EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/07/30 8:28 p.m.33 views

CVE-2019-5454

SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account...

9.3AI score0.02019EPSS
Exploits0References1
Rows per page
Query Builder