CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

NVD•added 2021/09/07 9:15 p.m.•15 views

CVE-2021-32766

Nextcloud Text is an open source plaintext editing application which ships with the nextcloud server. In affected versions the Nextcloud Text application returned different error messages depending on whether a folder existed in a public link share. This is problematic in case the public link sha...

5.3CVSS0.00384EPSS

Exploits0References3

OSV•added 2021/09/07 7:15 p.m.•11 views

CVE-2021-35949

The shareinfo controller in the ownCloud Server before 10.8.0 allows an attacker to bypass the permission checks for upload only shares and list metadata about the share...

5.3CVSS6.8AI score0.00176EPSS

Exploits0References2

UbuntuCve•added 2021/09/07 7:15 p.m.•19 views

CVE-2021-35949

The shareinfo controller in the ownCloud Server before 10.8.0 allows an attacker to bypass the permission checks for upload only shares and list metadata about the share...

5.3CVSS6.1AI score0.00176EPSS

Exploits0References3

Cvelist•added 2021/09/07 6:59 p.m.•13 views

CVE-2021-35949

The shareinfo controller in the ownCloud Server before 10.8.0 allows an attacker to bypass the permission checks for upload only shares and list metadata about the share...

6AI score0.00176EPSS

Exploits0References2

OwnCloud•added 2021/08/02 12:0 a.m.•26 views

Shareinfo url doesn't verify file drop permissions - ownCloud

The permission check for a file drop upload only share could be circumvented by using the shareinfo API. This allowed to see from the files in the filedrop but didn’t allow downloads...

4.3CVSS1.6AI score0.00176EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by