Lucene search
+L

9 matches found

OSV
OSV
added 2026/05/18 3:36 p.m.9 views

GHSA-QQ2P-4282-CFC5 eduMFA: Incorrect InnoDB snapshot isolation possibly allows token reusage

Impact For deployments using MySQL or MariaDB = 11.6.2 the default is ON, which is not affected - Same rules applies for Galera with underlying MariaDB Patches Fixed in version 2.9.1 by locking rows prior to write with SELECT FOR UPDATE. Workarounds Set innodbsnapshotisolation to ON default in...

7.1CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-19508

Malware in sbrugna...

9.8CVSS9.2AI score0.01779EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:40 a.m.5 views

SUSE CVE-2021-32726

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, webauthn tokens were not deleted after a user has been deleted. If a victim reused an earlier used username, the previous user could gain access to their account. The issue was fix...

9.8CVSS9.1AI score0.01779EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2021/07/21 12:0 a.m.334 views

Security update for nextcloud (important)

openSUSE Security Update: Security update for nextcloud Announcement ID: openSUSE-SU-2021:1068-1 Rating: important References: 1181445 1181803 1181804 1188247 1188248 1188249 1188250 1188251 1188252 1188253 1188254 1188255 1188256 Cross-References: CVE-2020-8293 CVE-2020-8294 CVE-2020-8295...

9.8CVSS7.2AI score0.02309EPSS
Exploits1References13
OSV
OSV
added 2021/07/12 8:15 p.m.12 views

CVE-2021-32726

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, webauthn tokens were not deleted after a user has been deleted. If a victim reused an earlier used username, the previous user could gain access to their account. The issue was fix...

9.8CVSS6.7AI score
Exploits0References4
Prion
Prion
added 2021/07/12 8:15 p.m.19 views

Code injection

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, webauthn tokens were not deleted after a user has been deleted. If a victim reused an earlier used username, the previous user could gain access to their account. The issue was fix...

7.5CVSS9.3AI score0.01779EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2021/07/12 7:45 p.m.178 views

CVE-2021-32726

Summary (CVE-2021-32726) Nextcloud Server versions prior to 19.0.13, 20.0.11, and 21.0.3 did not delete webauthn tokens after a user was deleted, allowing a previously used username to gain access to that account. The issue has been fixed in 19.0.13, 20.0.11, and 21.0.3. There are no known workar...

9.8CVSS8.1AI score0.01779EPSS
Exploits0References4Affected Software1
Nextcloud
Nextcloud
added 2021/07/12 9:22 a.m.59 views

Webauthn tokens not removed after user has been deleted

None...

9.8CVSS8.6AI score0.01779EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2021/07/12 12:0 a.m.3 views

PT-2021-19887 · Nextcloud +2 · Nextcloud Server +2

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 19.0.13 Nextcloud Server versions prior to 20.0.11 Nextcloud Server versions prior to 21.0.3 Description: The issue concerns the handling of webauthn tokens in Nextcloud Server. In affected versions, webauth...

10CVSS6.2AI score0.02604EPSS
Exploits3References81
Rows per page
Query Builder