CVE-2023-23948
- EPSS 0.12%
- Veröffentlicht 13.02.2023 17:15:11
- Zuletzt bearbeitet 26.03.2025 17:06:15
The ownCloud Android app allows ownCloud users to access, share, and edit files and folders. Version 2.21.1 of the ownCloud Android app is vulnerable to SQL injection in `FileContentProvider.kt`. This issue can lead to information disclosure. Two dat...
CVE-2023-24804
- EPSS 0.45%
- Veröffentlicht 13.02.2023 17:15:11
- Zuletzt bearbeitet 26.03.2025 17:34:24
The ownCloud Android app allows ownCloud users to access, share, and edit files and folders. Prior to version 3.0, the app has an incomplete fix for a path traversal issue and is vulnerable to two bypass methods. The bypasses may lead to information ...
CVE-2022-25339
- EPSS 0.13%
- Veröffentlicht 07.04.2022 15:15:07
- Zuletzt bearbeitet 26.03.2025 18:05:56
ownCloud owncloud/android 2.20 has Incorrect Access Control for local attackers.
CVE-2022-25338
- EPSS 0.15%
- Veröffentlicht 07.04.2022 14:15:07
- Zuletzt bearbeitet 26.03.2025 18:06:02
ownCloud owncloud/android before 2.20 has Incorrect Access Control for physically proximate attackers.
CVE-2020-36248
- EPSS 0.03%
- Veröffentlicht 19.02.2021 08:15:11
- Zuletzt bearbeitet 26.03.2025 17:06:15
The ownCloud application before 2.15 for Android allows attackers to use adb to include a PIN preferences value in a backup archive, and consequently bypass the PIN lock feature by restoring from this archive.
CVE-2020-36250
- EPSS 0.06%
- Veröffentlicht 19.02.2021 07:15:13
- Zuletzt bearbeitet 26.03.2025 17:06:15
In the ownCloud application before 2.15 for Android, the lock protection mechanism can be bypassed by moving the system date/time into the past.
- EPSS 0.2%
- Veröffentlicht 29.10.2015 20:59:06
- Zuletzt bearbeitet 12.04.2025 10:46:40
ownCloud iOS app before 3.4.4 does not properly switch state between multiple instances, which might allow remote instance administrators to obtain sensitive credential and cookie information by reading authentication headers.