CVE-2021-44537
- EPSS 1.09%
- Published 15.01.2022 21:15:09
- Last modified 21.11.2024 06:31:11
ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution.
CVE-2020-28646
- EPSS 0.13%
- Published 26.02.2021 15:15:11
- Last modified 21.11.2024 05:23:05
ownCloud owncloud/client before 2.7 allows DLL Injection. The desktop client loaded development plugins from certain directories when they were present.
CVE-2016-7102
- EPSS 0.17%
- Published 23.01.2017 21:59:02
- Last modified 20.04.2025 01:37:25
ownCloud Desktop before 2.2.3 allows local users to execute arbitrary code and possibly gain privileges via a Trojan library in a "special path" in the C: drive.
CVE-2015-7298
- EPSS 0.25%
- Published 26.10.2015 14:59:10
- Last modified 12.04.2025 10:46:40
ownCloud Desktop Client before 2.0.1, when compiled with a Qt release after 5.3.x, does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which makes it easier for remote attackers to conduct man-in-the-middle (MITM) atta...
CVE-2015-4456
- EPSS 0.16%
- Published 26.10.2015 14:59:00
- Last modified 12.04.2025 10:46:40
ownCloud Desktop Client before 1.8.2 does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which allows man-in-the-middle attackers to bypass the user's certificate distrust decision and obtain sensitive information by l...