Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-9339
A logical error in ownCloud Server prior to 10.0.2 caused disclosure of valid share tokens for public calendars. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token.
Owncloud Owncloud
4
CVSSv2
CVE-2017-9340
An attacker is logged in as a normal user and can somehow make admin to delete shared folders in ownCloud Server prior to 10.0.2.
Owncloud Owncloud
3.5
CVSSv2
CVE-2017-0891
Nextcloud Server prior to 9.0.58 and 10.0.5 and 11.0.3 are vulnerable to an inadequate escaping of error messages leading to XSS vulnerabilities in multiple components.
Nextcloud Nextcloud Server
4
CVSSv2
CVE-2016-9461
Nextcloud Server prior to 9.0.52 & ownCloud Server prior to 9.0.4 are not properly verifying edit check permissions on WebDAV copy actions. The WebDAV endpoint was not properly checking the permission on a WebDAV COPY action. This allowed an authenticated attacker with access...
Owncloud Owncloud
Nextcloud Nextcloud Server
4
CVSSv2
CVE-2016-9462
Nextcloud Server prior to 9.0.52 & ownCloud Server prior to 9.0.4 are not properly verifying restore privileges when restoring a file. The restore capability of Nextcloud/ownCloud was not verifying whether a user has only read-only access to a share. Thus a user with read-onl...
Owncloud Owncloud
Nextcloud Nextcloud Server
3.5
CVSSv2
CVE-2016-9465
Nextcloud Server prior to 10.0.1 & ownCloud Server prior to 9.0.6 and 9.1.2 suffer from Stored XSS in CardDAV image export. The CardDAV image export functionality as implemented in Nextcloud/ownCloud allows the download of images stored within a vCard. Due to not performing a...
Owncloud Owncloud
Nextcloud Nextcloud Server
4.3
CVSSv2
CVE-2016-9466
Nextcloud Server prior to 10.0.1 & ownCloud Server prior to 9.0.6 and 9.1.2 suffer from Reflected XSS in the Gallery application. The gallery app was not properly sanitizing exception messages from the Nextcloud/ownCloud server. Due to an endpoint where an attacker could infl...
Owncloud Owncloud
Nextcloud Nextcloud Server
6.8
CVSSv2
CVE-2016-9463
Nextcloud Server prior to 9.0.54 and 10.0.1 & ownCloud Server prior to 9.1.2, 9.0.6, and 8.2.9 suffer from SMB User Authentication Bypass. Nextcloud/ownCloud include an optional and not by default enabled SMB authentication component that allows authenticating users against a...
Owncloud Owncloud
Nextcloud Nextcloud Server
5
CVSSv2
CVE-2016-9467
Nextcloud Server prior to 9.0.54 and 10.0.1 & ownCloud Server prior to 9.0.6 and 9.1.2 suffer from content spoofing in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structu...
Owncloud Owncloud
Nextcloud Nextcloud Server
4.3
CVSSv2
CVE-2016-9459
Nextcloud Server prior to 9.0.52 & ownCloud Server prior to 9.0.4 are vulnerable to a log pollution vulnerability potentially leading to a local XSS. The download log functionality in the admin screen is delivering the log in JSON format to the end-user. The file was delivere...
Nextcloud Nextcloud Server
Owncloud Owncloud
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »