Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-9468
Nextcloud Server prior to 9.0.54 and 10.0.1 & ownCloud Server prior to 9.0.6 and 9.1.2 suffer from content spoofing in the dav app. The exception message displayed on the DAV endpoints contained partially user-controllable input leading to a potential misrepresentation of inf...
Owncloud Owncloud
Nextcloud Nextcloud Server
4.3
CVSSv2
CVE-2016-9466
Nextcloud Server prior to 10.0.1 & ownCloud Server prior to 9.0.6 and 9.1.2 suffer from Reflected XSS in the Gallery application. The gallery app was not properly sanitizing exception messages from the Nextcloud/ownCloud server. Due to an endpoint where an attacker could infl...
Owncloud Owncloud
Nextcloud Nextcloud Server
4.3
CVSSv2
CVE-2017-5865
The password reset functionality in ownCloud Server prior to 8.1.11, 8.2.x prior to 8.2.9, 9.0.x prior to 9.0.7, and 9.1.x prior to 9.1.3 sends different error messages depending on whether the username is valid, which allows remote malicious users to enumerate user names via a l...
Owncloud Owncloud 9.0.2
Owncloud Owncloud 9.0.3
Owncloud Owncloud 9.0.4
Owncloud Owncloud 9.0.5
Owncloud Owncloud 9.1.1
Owncloud Owncloud 9.0.0
Owncloud Owncloud 8.2.2
Owncloud Owncloud 8.2.4
Owncloud Owncloud 9.1.0
Owncloud Owncloud 8.2.5
Owncloud Owncloud 8.2.6
Owncloud Owncloud 8.2.7
Owncloud Owncloud 8.2.8
Owncloud Owncloud
Owncloud Owncloud 9.1.2
Owncloud Owncloud 9.0.1
Owncloud Owncloud 9.0.6
Owncloud Owncloud 8.2.3
4
CVSSv2
CVE-2017-5866
The autocomplete feature in the E-Mail share dialog in ownCloud Server prior to 8.1.11, 8.2.x prior to 8.2.9, 9.0.x prior to 9.0.7, and 9.1.x prior to 9.1.3 allows remote authenticated users to obtain sensitive information via unspecified vectors.
Owncloud Owncloud 9.0.6
Owncloud Owncloud 8.2.5
Owncloud Owncloud 8.2.2
Owncloud Owncloud 8.2.3
Owncloud Owncloud 9.0.0
Owncloud Owncloud 9.1.1
Owncloud Owncloud 9.0.5
Owncloud Owncloud 8.2.4
Owncloud Owncloud 8.2.7
Owncloud Owncloud 9.0.2
Owncloud Owncloud
Owncloud Owncloud 9.0.3
Owncloud Owncloud 9.0.4
Owncloud Owncloud 8.2.0
Owncloud Owncloud 8.2.1
Owncloud Owncloud 9.0.1
Owncloud Owncloud 9.1.0
Owncloud Owncloud 9.1.2
Owncloud Owncloud 8.2.6
Owncloud Owncloud 8.2.8
4
CVSSv2
CVE-2017-5867
ownCloud Server prior to 8.1.11, 8.2.x prior to 8.2.9, 9.0.x prior to 9.0.7, and 9.1.x prior to 9.1.3 allows remote authenticated users to cause a denial of service (server hang and logfile flooding) via a one bit BMP file.
Owncloud Owncloud 9.0.0
Owncloud Owncloud 9.0.1
Owncloud Owncloud 9.0.2
Owncloud Owncloud
Owncloud Owncloud 9.0.3
Owncloud Owncloud 9.1.2
Owncloud Owncloud 9.0.5
Owncloud Owncloud 8.2.5
Owncloud Owncloud 8.2.3
Owncloud Owncloud 9.1.0
Owncloud Owncloud 9.1.1
Owncloud Owncloud 8.2.6
Owncloud Owncloud 8.2.7
Owncloud Owncloud 8.2.8
Owncloud Owncloud 8.2.0
Owncloud Owncloud 9.0.4
Owncloud Owncloud 9.0.6
Owncloud Owncloud 8.2.2
Owncloud Owncloud 8.2.4
Owncloud Owncloud 8.2.1
4.6
CVSSv2
CVE-2016-7102
ownCloud Desktop prior to 2.2.3 allows local users to execute arbitrary code and possibly gain privileges via a Trojan library in a "special path" in the C: drive.
Owncloud Owncloud Desktop Client
4.3
CVSSv2
CVE-2016-5876
ownCloud server prior to 8.2.6 and 9.x prior to 9.0.3, when the gallery app is enabled, allows remote malicious users to download arbitrary images via a direct request.
Owncloud Owncloud 9.0.1
Owncloud Owncloud 9.0.0
Owncloud Owncloud 9.0.2
Owncloud Owncloud
3.5
CVSSv2
CVE-2016-7419
Cross-site scripting (XSS) vulnerability in share.js in the gallery application in ownCloud Server prior to 9.0.4 and Nextcloud Server prior to 9.0.52 allows remote authenticated users to inject arbitrary web script or HTML via a crafted directory name.
Nextcloud Nextcloud Server
Owncloud Owncloud
3.5
CVSSv2
CVE-2016-1500
ownCloud Server prior to 7.0.12, 8.0.x prior to 8.0.10, 8.1.x prior to 8.1.5, and 8.2.x prior to 8.2.2, when the "file_versions" application is enabled, does not properly check the return value of getOwner, which allows remote authenticated users to read the files with ...
Owncloud Owncloud
Owncloud Owncloud 8.2.1
Owncloud Owncloud 8.1.0
Owncloud Owncloud 8.0.9
Owncloud Owncloud 8.0.8
Owncloud Owncloud 8.0.6
Owncloud Owncloud 8.2.0
Owncloud Owncloud 8.1.3
Owncloud Owncloud 8.0.4
Owncloud Owncloud 8.0.2
Owncloud Owncloud 8.1.4
Owncloud Owncloud 8.1.1
Owncloud Owncloud 8.0.5
Owncloud Owncloud 8.0.3
Owncloud Owncloud 8.0.0
4.3
CVSSv2
CVE-2016-1498
Cross-site scripting (XSS) vulnerability in the OCS discovery provider component in ownCloud Server prior to 7.0.12, 8.0.x prior to 8.0.10, 8.1.x prior to 8.1.5, and 8.2.x prior to 8.2.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors ...
Owncloud Owncloud 8.2.1
Owncloud Owncloud
Owncloud Owncloud 8.1.0
Owncloud Owncloud 8.0.9
Owncloud Owncloud 8.0.8
Owncloud Owncloud 8.0.6
Owncloud Owncloud 8.0.5
Owncloud Owncloud 8.1.4
Owncloud Owncloud 8.1.1
Owncloud Owncloud 8.0.3
Owncloud Owncloud 8.0.0
Owncloud Owncloud 8.2.0
Owncloud Owncloud 8.1.3
Owncloud Owncloud 8.0.4
Owncloud Owncloud 8.0.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »