Nextcloud

Nextcloud

155 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.95%
  • Veröffentlicht 26.01.2022 23:15:08
  • Zuletzt bearbeitet 21.11.2024 06:25:39

The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. An issue in versions prior to 3.17.1 may lead to sensitive information disclosure. An unauthorized app that does not have the otherwise required `MANA...

  • EPSS 1.87%
  • Veröffentlicht 25.01.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:29:58

The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. The Nextcloud Android app uses content providers to manage its data. Prior to version 3.18.1, the providers `FileContentProvider` and `DiskLruImageCac...

  • EPSS 2.37%
  • Veröffentlicht 09.12.2021 20:15:07
  • Zuletzt bearbeitet 21.11.2024 06:29:30

Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an integer, allowing SQL injection to take place if application developers passed unescaped use...

  • EPSS 1.5%
  • Veröffentlicht 25.10.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:25:40

Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, Nextcloud Server did not implement a database backend for rate-limiting purposes. Any component of Nextcloud using rate-limits (as as `Anon...

  • EPSS 1.73%
  • Veröffentlicht 25.10.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:25:41

Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, a file traversal vulnerability makes an attacker able to download arbitrary SVG images from the host system, including user provided files....

  • EPSS 1.16%
  • Veröffentlicht 25.10.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:25:41

Nextcloud is an open-source, self-hosted productivity platform. Prior to Nextcloud Server versions 20.0.13, 21.0.5, and 22.2.0, the Two-Factor Authentication wasn't enforced for pages marked as public. Any page marked as `@PublicPage` could thus be a...

  • EPSS 1.8%
  • Veröffentlicht 07.09.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:07:46

Nextcloud server is an open source, self hosted personal cloud. In affected versions an attacker is able to bypass Two Factor Authentication in Nextcloud. Thus knowledge of a password, or access to a WebAuthN trusted device of a user was sufficient t...

  • EPSS 0.24%
  • Veröffentlicht 07.09.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:07:46

Nextcloud server is an open source, self hosted personal cloud. In affected versions logging of exceptions may have resulted in logging potentially sensitive key material for the Nextcloud Encryption-at-Rest functionality. It is recommended that the ...

  • EPSS 2.6%
  • Veröffentlicht 07.09.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:07:46

Nextcloud server is an open source, self hosted personal cloud. Nextcloud supports rendering image previews for user provided file content. For some image types, the Nextcloud server was invoking a third-party library that wasn't suited for untrusted...

  • EPSS 1.34%
  • Veröffentlicht 07.09.2021 21:15:08
  • Zuletzt bearbeitet 21.11.2024 06:07:41

Nextcloud Text is an open source plaintext editing application which ships with the nextcloud server. In affected versions the Nextcloud Text application returned different error messages depending on whether a folder existed in a public link share. ...