4993 matches found
CVE-2019-5450
Improper sanitization of HTML in directory names in the Nextcloud Android app prior to version 3.7.0 allowed to style the directory name in the header bar when using basic HTML...
CVE-2019-5455
Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process...
Design/Logic Flaw
Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time...
Design/Logic Flaw
A missing check in the Nextcloud Server prior to version 15.0.1 causes leaking of calendar event names when adding or modifying confidential or private events...
Sql injection
SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account...
Code injection
Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process...
Design/Logic Flaw
Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved...
Hardcoded credentials
Improper sanitization of HTML in directory names in the Nextcloud Android app prior to version 3.7.0 allowed to style the directory name in the header bar when using basic HTML...
Design/Logic Flaw
Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider...
CVE-2019-5449
CVE-2019-5449 affects Nextcloud Server prior to 15.0.1. A missing check allows leaking calendar event names when adding or modifying confidential or private events. Multiple connected sources confirm an information disclosure vulnerability in Nextcloud Server before 15.0.1. Impact is information ...
CVE-2019-5449
A missing check in the Nextcloud Server prior to version 15.0.1 causes leaking of calendar event names when adding or modifying confidential or private events...
CVE-2019-5450
Improper sanitization of HTML in directory names in the Nextcloud Android app prior to version 3.7.0 allowed to style the directory name in the header bar when using basic HTML...
CVE-2019-5450
The CVE-2019-5450 entry concerns the Nextcloud Android app prior to version 3.7.0, where improper sanitization of HTML in directory names allowed styling in the header bar via basic HTML. Connected sources corroborate this as a Nextcloud Android client issue and include a public report describing...
CVE-2019-5451
Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time...
CVE-2019-5451
CVE-2019-5451 concerns the Nextcloud Android app prior to version 3.6.1, where bypassing the lock protection allowed access to files by repeatedly opening/closing the app in quick succession. The vulnerability affects the Android client’s ability to enforce device/user authentication for local fi...
CVE-2019-5452
Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved...
CVE-2019-5452
The CVE-2019-5452 entry concerns the Nextcloud Android app prior to version 3.6.2, where bypassing lock protection allowed leakage of thumbnails via the Android content provider. Connected sources confirm: (1) affected software: Nextcloud Android app; (2) vulnerability type: bypass of lock protec...
CVE-2019-5453
Bypass lock protection in the Nextcloud Android app prior to version 3.3.0 allowed access to files when being prompted for the lock protection and switching to the Nextcloud file provider...
CVE-2019-5453
Summary: CVE-2019-5453 affects the Nextcloud Android app prior to 3.3.0. The issue is a bypass of the app’s lock protection, allowing access to files when prompted for lock and switching to the Nextcloud file provider. Multiple connected sources corroborate the vulnerability, including CNVD/NVD e...
CVE-2019-5454
SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account...