Lucene search
K

13 matches found

CNNVD
CNNVD
added 2025/06/04 12:0 a.m.6 views

SAMSUNG Internet 安全漏洞

SAMSUNG Internet is a cell phone application from the South Korean company Samsung SAMSUNG. It provides a browser function. A security vulnerability exists in SAMSUNG Internet versions prior to 28.0.0.59, which stems from mishandling of insufficient privileges in the SyncClientProvider, which cou...

7.1CVSS6.3AI score0.00102EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/05/16 2:13 p.m.8 views

CVE-2025-47792

Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...

6.1CVSS5.3AI score0.00152EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 12:29 p.m.5 views

Malicious code in axle-react-native-app-sync-client (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/06/25 12:29 p.m.16 views

MAL-2024-1793 Malicious code in axle-react-native-app-sync-client (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2022/11/25 7:15 p.m.26 views

CVE-2022-39331

Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application in the notifications. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for this issue...

5.4CVSS6.1AI score0.00864EPSS
Exploits1References1
CVE
CVE
added 2022/11/25 12:0 a.m.93 views

CVE-2022-39332

Summary (CVE-2022-39332) : The Nextcloud Desktop client (nextcloud-desktop) is affected. An attacker can inject arbitrary HTML into the Desktop Client via user status and information, enabling a desktop UI HTML injection (XSS) vulnerability. The issue is remedied by upgrading the Nextcloud Deskto...

5.4CVSS5AI score0.00884EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2022/11/25 12:0 a.m.90 views

CVE-2022-39331

CVE-2022-39331 affects the Nextcloud desktop client. An attacker can inject arbitrary HTML into the Desktop Client notifications due to insufficient input sanitisation. Public advisories (OpenSUSE/OpenSUSE SU, Debian LTS) and the Debian/NVD entries reference this issue, with remediation recommend...

5.4CVSS5AI score0.00864EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2022/11/25 12:0 a.m.25 views

CVE-2022-39332

Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application via user status and information. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for...

5.4CVSS5.4AI score0.00884EPSS
Exploits1
Debian CVE
Debian CVE
added 2022/11/25 12:0 a.m.37 views

CVE-2022-39331

Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application in the notifications. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for this issue...

5.4CVSS5.4AI score0.00864EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/06/01 12:0 a.m.4 views

PT-2022-1359 · Unknown · File Sync Client

Name of the Vulnerable Software and Affected Versions: file sync client affected versions not specified Description: The issue is related to a path traversal error in the finishLsImpl function of file sync client.cpp. This error could allow access to the host's files, potentially leading to local...

9.1AI score
Exploits0References12
OSV
OSV
added 2022/06/01 12:0 a.m.7 views

ASB-A-209438553

In finishLsImpl of filesyncclient.cpp, there is a possible way to access host's files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.4AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/09/14 12:0 a.m.33 views

GLSA-202009-09 : Nextcloud Desktop Sync client: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202009-09 Nextcloud Desktop Sync client: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Nextcloud Desktop Sync client. Please review the CVE identifiers referenced below for details. Impact : Please revi...

7.8CVSS6.3AI score0.2245EPSS
Exploits3References4
NVD
NVD
added 2015/05/30 7:59 p.m.18 views

CVE-2015-2851

clientchown in the sync client in Synology Cloud Station 1.1-2291 through 3.1-3320 on OS X allows local users to change the ownership of arbitrary files, and consequently obtain root access, by specifying a filename...

6.8CVSS6.4AI score0.00757EPSS
Exploits0References3
Rows per page
Query Builder