13 matches found
SAMSUNG Internet 安全漏洞
SAMSUNG Internet is a cell phone application from the South Korean company Samsung SAMSUNG. It provides a browser function. A security vulnerability exists in SAMSUNG Internet versions prior to 28.0.0.59, which stems from mishandling of insufficient privileges in the SyncClientProvider, which cou...
CVE-2025-47792
Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...
Malicious code in axle-react-native-app-sync-client (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-1793 Malicious code in axle-react-native-app-sync-client (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2022-39331
Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application in the notifications. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for this issue...
CVE-2022-39332
Summary (CVE-2022-39332) : The Nextcloud Desktop client (nextcloud-desktop) is affected. An attacker can inject arbitrary HTML into the Desktop Client via user status and information, enabling a desktop UI HTML injection (XSS) vulnerability. The issue is remedied by upgrading the Nextcloud Deskto...
CVE-2022-39331
CVE-2022-39331 affects the Nextcloud desktop client. An attacker can inject arbitrary HTML into the Desktop Client notifications due to insufficient input sanitisation. Public advisories (OpenSUSE/OpenSUSE SU, Debian LTS) and the Debian/NVD entries reference this issue, with remediation recommend...
CVE-2022-39332
Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application via user status and information. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for...
CVE-2022-39331
Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application in the notifications. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for this issue...
PT-2022-1359 · Unknown · File Sync Client
Name of the Vulnerable Software and Affected Versions: file sync client affected versions not specified Description: The issue is related to a path traversal error in the finishLsImpl function of file sync client.cpp. This error could allow access to the host's files, potentially leading to local...
ASB-A-209438553
In finishLsImpl of filesyncclient.cpp, there is a possible way to access host's files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
GLSA-202009-09 : Nextcloud Desktop Sync client: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202009-09 Nextcloud Desktop Sync client: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Nextcloud Desktop Sync client. Please review the CVE identifiers referenced below for details. Impact : Please revi...
CVE-2015-2851
clientchown in the sync client in Synology Cloud Station 1.1-2291 through 3.1-3320 on OS X allows local users to change the ownership of arbitrary files, and consequently obtain root access, by specifying a filename...