Lucene search
K
OwncloudOwncloud Client

7 matches found

CVE
CVE
added 2022/04/07 2:1 p.m.104 views

CVE-2022-25338

ownCloud owncloud/android before 2.20 has Incorrect Access Control for physically proximate attackers, enabling a local bypass of the app lock. This is supported by NVD, Red Hat, OSV, and the official ownCloud advisory. Exploitation details are not provided in the connected documents, and no fixe...

6.8CVSS6.6AI score0.00236EPSS
CVE
CVE
added 2022/04/07 2:21 p.m.96 views

CVE-2022-25339

CVE-2022-25339 affects the ownCloud Android client, specifically version 2.20 . The issue is described as an Incorrect Access Control vulnerability that enables a local attacker with access to the device to access internal app files. The core impact is exposure of internal files due to permissive...

5.5CVSS5.4AI score0.00212EPSS
CVE
CVE
added 2021/02/19 7:0 a.m.94 views

CVE-2020-36250

The CVE-2020-36250 entry applies to the ownCloud Android client, affected versions prior to 2.15. The vulnerability arises from a bypass of the lock protection mechanism when the system date/time is moved to the past. The connected sources confirm this behavior but do not provide a published reme...

6.1CVSS4.8AI score0.0026EPSS
CVE
CVE
added 2023/02/13 4:28 p.m.76 views

CVE-2023-24804

Summary: The ownCloud Android app (prior to v3.0) has an incomplete fix for a path traversal issue, with two bypass methods that can disclose information when uploading internal files and allow arbitrary file writes for plain text uploads (limited by .txt). Version 3.0 fixes these bypasses. Impac...

5CVSS4.8AI score0.00524EPSS
CVE
CVE
added 2023/02/13 4:30 p.m.65 views

CVE-2023-23948

The CVE-2023-23948 entry concerns the ownCloud Android app (v2.21.1) vulnerable to SQL injection in FileContentProvider.kt, leading to potential information disclosure. The issue affects two databases: filelist (deprecated in v3.0) and owncloud_database, with injections in the latter remaining re...

6.2CVSS5.8AI score0.00464EPSS
CVE
CVE
added 2015/10/29 8:0 p.m.58 views

CVE-2015-5955

CVE-2015-5955 affects the ownCloud iOS app prior to version 3.4.4. The vulnerability arises from improper handling of state when switching between multiple configured ownCloud instances, which may cause the app to continue sending previous authentication headers and leak credentials and cookies t...

5CVSS6.2AI score0.01093EPSS
CVE
CVE
added 2021/02/19 7:0 a.m.53 views

CVE-2020-36248

CVE-2020-36248 affects the Android app OwnCloud up to version 2.14 (before 2.15). The vulnerability arises because an attacker can use adb to inject a PIN preferences value into a backup archive, allowing the PIN lock to be bypassed when restoring that archive. The available connected documents c...

4.6CVSS4.6AI score0.00139EPSS