Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2020-36248
The ownCloud application prior to 2.15 for Android allows malicious users to use adb to include a PIN preferences value in a backup archive, and consequently bypass the PIN lock feature by restoring from this archive.
Owncloud Owncloud
5
CVSSv2
CVE-2020-36249
The File Firewall prior to 2.8.0 for ownCloud Server does not properly enforce file-type restrictions for public shares.
Owncloud File Firewall
2.1
CVSSv2
CVE-2020-36250
In the ownCloud application prior to 2.15 for Android, the lock protection mechanism can be bypassed by moving the system date/time into the past.
Owncloud Owncloud
4
CVSSv2
CVE-2020-36251
ownCloud Server prior to 10.3.0 allows an attacker, who has received non-administrative access to a group share, to remove everyone else's access to that share.
Owncloud Owncloud
2.7
CVSSv2
CVE-2020-36252
ownCloud Server 10.x prior to 10.3.1 allows an attacker, who has one outgoing share from a victim, to access any version of any file by sending a request for a predictable ID number.
Owncloud Owncloud
6.5
CVSSv2
CVE-2020-10252
An issue exists in ownCloud prior to 10.4. Because of an SSRF issue (via the apps/files_sharing/external remote parameter), an authenticated attacker can interact with local services blindly (aka Blind SSRF) or conduct a Denial Of Service attack.
Owncloud Owncloud
4.3
CVSSv2
CVE-2020-10254
An issue exists in ownCloud prior to 10.4. An attacker can bypass authentication on a password-protected image by displaying its preview.
Owncloud Owncloud
4.3
CVSSv2
CVE-2020-28644
The CSRF (Cross Site Request Forgery) token check was improperly implemented on cookie authenticated requests against some ocs API endpoints. This affects ownCloud/core version < 10.6.
Owncloud Owncloud
5
CVSSv2
CVE-2020-28645
Deleting users with certain names caused system files to be deleted. Risk is higher for systems which allow users to register themselves and have the data directory in the web root. This affects ownCloud/core versions < 10.6.
Owncloud Owncloud
3.5
CVSSv2
CVE-2020-16144
When using an object storage like S3 as the file store, when a user creates a public link to a folder where anonymous users can upload files, and another user uploads a virus the files antivirus app would detect the virus but fails to delete it due to permission issues. This affe...
Owncloud Files Antivirus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »