Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud 9.0.6 vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2016-9465
Nextcloud Server prior to 10.0.1 & ownCloud Server prior to 9.0.6 and 9.1.2 suffer from Stored XSS in CardDAV image export. The CardDAV image export functionality as implemented in Nextcloud/ownCloud allows the download of images stored within a vCard. Due to not performing a...
Owncloud Owncloud
Nextcloud Nextcloud Server
5
CVSSv2
CVE-2016-9467
Nextcloud Server prior to 9.0.54 and 10.0.1 & ownCloud Server prior to 9.0.6 and 9.1.2 suffer from content spoofing in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structu...
Owncloud Owncloud
Nextcloud Nextcloud Server
6.8
CVSSv2
CVE-2016-9463
Nextcloud Server prior to 9.0.54 and 10.0.1 & ownCloud Server prior to 9.1.2, 9.0.6, and 8.2.9 suffer from SMB User Authentication Bypass. Nextcloud/ownCloud include an optional and not by default enabled SMB authentication component that allows authenticating users against a...
Owncloud Owncloud
Nextcloud Nextcloud Server
5
CVSSv2
CVE-2016-9468
Nextcloud Server prior to 9.0.54 and 10.0.1 & ownCloud Server prior to 9.0.6 and 9.1.2 suffer from content spoofing in the dav app. The exception message displayed on the DAV endpoints contained partially user-controllable input leading to a potential misrepresentation of inf...
Owncloud Owncloud
Nextcloud Nextcloud Server
4.3
CVSSv2
CVE-2016-9466
Nextcloud Server prior to 10.0.1 & ownCloud Server prior to 9.0.6 and 9.1.2 suffer from Reflected XSS in the Gallery application. The gallery app was not properly sanitizing exception messages from the Nextcloud/ownCloud server. Due to an endpoint where an attacker could infl...
Owncloud Owncloud
Nextcloud Nextcloud Server
4.3
CVSSv2
CVE-2017-5865
The password reset functionality in ownCloud Server prior to 8.1.11, 8.2.x prior to 8.2.9, 9.0.x prior to 9.0.7, and 9.1.x prior to 9.1.3 sends different error messages depending on whether the username is valid, which allows remote malicious users to enumerate user names via a l...
Owncloud Owncloud 9.0.2
Owncloud Owncloud 9.0.3
Owncloud Owncloud 9.0.4
Owncloud Owncloud 9.0.5
Owncloud Owncloud 9.1.1
Owncloud Owncloud 9.0.0
Owncloud Owncloud 8.2.2
Owncloud Owncloud 8.2.4
Owncloud Owncloud 9.1.0
Owncloud Owncloud 8.2.5
Owncloud Owncloud 8.2.6
Owncloud Owncloud 8.2.7
Owncloud Owncloud 8.2.8
Owncloud Owncloud
Owncloud Owncloud 9.1.2
Owncloud Owncloud 9.0.1
Owncloud Owncloud 9.0.6
Owncloud Owncloud 8.2.3
4
CVSSv2
CVE-2017-5866
The autocomplete feature in the E-Mail share dialog in ownCloud Server prior to 8.1.11, 8.2.x prior to 8.2.9, 9.0.x prior to 9.0.7, and 9.1.x prior to 9.1.3 allows remote authenticated users to obtain sensitive information via unspecified vectors.
Owncloud Owncloud 9.0.6
Owncloud Owncloud 8.2.5
Owncloud Owncloud 8.2.2
Owncloud Owncloud 8.2.3
Owncloud Owncloud 9.0.0
Owncloud Owncloud 9.1.1
Owncloud Owncloud 9.0.5
Owncloud Owncloud 8.2.4
Owncloud Owncloud 8.2.7
Owncloud Owncloud 9.0.2
Owncloud Owncloud
Owncloud Owncloud 9.0.3
Owncloud Owncloud 9.0.4
Owncloud Owncloud 8.2.0
Owncloud Owncloud 8.2.1
Owncloud Owncloud 9.0.1
Owncloud Owncloud 9.1.0
Owncloud Owncloud 9.1.2
Owncloud Owncloud 8.2.6
Owncloud Owncloud 8.2.8
4
CVSSv2
CVE-2017-5867
ownCloud Server prior to 8.1.11, 8.2.x prior to 8.2.9, 9.0.x prior to 9.0.7, and 9.1.x prior to 9.1.3 allows remote authenticated users to cause a denial of service (server hang and logfile flooding) via a one bit BMP file.
Owncloud Owncloud 9.0.0
Owncloud Owncloud 9.0.1
Owncloud Owncloud 9.0.2
Owncloud Owncloud
Owncloud Owncloud 9.0.3
Owncloud Owncloud 9.1.2
Owncloud Owncloud 9.0.5
Owncloud Owncloud 8.2.5
Owncloud Owncloud 8.2.3
Owncloud Owncloud 9.1.0
Owncloud Owncloud 9.1.1
Owncloud Owncloud 8.2.6
Owncloud Owncloud 8.2.7
Owncloud Owncloud 8.2.8
Owncloud Owncloud 8.2.0
Owncloud Owncloud 9.0.4
Owncloud Owncloud 9.0.6
Owncloud Owncloud 8.2.2
Owncloud Owncloud 8.2.4
Owncloud Owncloud 8.2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started