8 matches found
EUVD-2025-201447
Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server and Enterprise Server prior to 31.0.1, non-privileged users can modify tags on files they should not have access to via bulk tagging. This vulnerability is fixed in 31.0.1...
Fedora 44 : nextcloud (2025-b4b3303299)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-b4b3303299 advisory. Automatic update for nextcloud-31.0.9-1.fc44. Changelog Sat Sep 20 2025 Andrew Bauer - 31.0.9-1 - 31.0.9 release RHBZ2388493 RHBZ2389830 RHBZ2389831...
Linux Distros Unpatched Vulnerability : CVE-2025-38435
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: riscv: vector: Fix context save/restore with xtheadvector Previously only v0-v7 were correct...
CVE-2024-30170
PrivX before 34.0 allows data exfiltration and denial of service via the REST API. This is fixed in minor versions 33.1, 32.3, 31.3, and later, and in major version 34.0 and later,...
PT-2022-20611 · Unknown +3 · C-Uitl/C-Shquote +4
Name of the Vulnerable Software and Affected Versions: dbus-broker versions prior to 31 Description: An issue was discovered in dbus-broker where it depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is...
PT-2022-20612 · Unknown +3 · Dbus-Broker +3
Name of the Vulnerable Software and Affected Versions: dbus-broker versions prior to 31 Description: An issue was discovered in dbus-broker where multiple NULL pointer dereferences can occur when a malformed XML config file is supplied. Recommendations: For versions prior to 31, update to version...
CVE-2022-26588
A Cross-Site Request Forgery CSRF in IceHrm 31.0.0.OS allows attackers to delete arbitrary users or achieve account takeover via the app/service.php URI...
PT-2014-4247 · Mozilla +1 · Firefox Esr +3
Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 34.0 Firefox ESR versions prior to 31.3 Thunderbird versions prior to 31.3 Description: The issue allows local users to obtain sensitive information by reading /tmp files, as demonstrated by credential...