Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2016-9466
Nextcloud Server prior to 10.0.1 & ownCloud Server prior to 9.0.6 and 9.1.2 suffer from Reflected XSS in the Gallery application. The gallery app was not properly sanitizing exception messages from the Nextcloud/ownCloud server. Due to an endpoint where an attacker could infl...
Owncloud Owncloud
Nextcloud Nextcloud Server
5.3
CVSSv3
CVE-2016-9467
Nextcloud Server prior to 9.0.54 and 10.0.1 & ownCloud Server prior to 9.0.6 and 9.1.2 suffer from content spoofing in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structu...
Owncloud Owncloud
Nextcloud Nextcloud Server
3.7
CVSSv3
CVE-2017-5865
The password reset functionality in ownCloud Server prior to 8.1.11, 8.2.x prior to 8.2.9, 9.0.x prior to 9.0.7, and 9.1.x prior to 9.1.3 sends different error messages depending on whether the username is valid, which allows remote malicious users to enumerate user names via a l...
Owncloud Owncloud 8.2.5
Owncloud Owncloud 9.0.0
Owncloud Owncloud 8.2.7
Owncloud Owncloud 9.0.6
Owncloud Owncloud 8.2.6
Owncloud Owncloud 8.2.4
Owncloud Owncloud 9.0.4
Owncloud Owncloud 9.0.1
Owncloud Owncloud 9.1.2
Owncloud Owncloud 9.0.3
Owncloud Owncloud 8.2.2
Owncloud Owncloud 9.0.5
Owncloud Owncloud 8.2.8
Owncloud Owncloud
Owncloud Owncloud 9.0.2
Owncloud Owncloud 8.2.3
Owncloud Owncloud 9.1.1
Owncloud Owncloud 9.1.0
4.3
CVSSv3
CVE-2017-5866
The autocomplete feature in the E-Mail share dialog in ownCloud Server prior to 8.1.11, 8.2.x prior to 8.2.9, 9.0.x prior to 9.0.7, and 9.1.x prior to 9.1.3 allows remote authenticated users to obtain sensitive information via unspecified vectors.
Owncloud Owncloud 8.2.5
Owncloud Owncloud 9.0.0
Owncloud Owncloud 8.2.1
Owncloud Owncloud 8.2.7
Owncloud Owncloud 9.0.6
Owncloud Owncloud 8.2.6
Owncloud Owncloud 8.2.4
Owncloud Owncloud 8.2.0
Owncloud Owncloud 9.0.4
Owncloud Owncloud 9.0.1
Owncloud Owncloud 9.1.2
Owncloud Owncloud 9.0.3
Owncloud Owncloud 8.2.2
Owncloud Owncloud 9.0.5
Owncloud Owncloud 8.2.8
Owncloud Owncloud
Owncloud Owncloud 9.0.2
Owncloud Owncloud 8.2.3
Owncloud Owncloud 9.1.1
Owncloud Owncloud 9.1.0
6.5
CVSSv3
CVE-2017-5867
ownCloud Server prior to 8.1.11, 8.2.x prior to 8.2.9, 9.0.x prior to 9.0.7, and 9.1.x prior to 9.1.3 allows remote authenticated users to cause a denial of service (server hang and logfile flooding) via a one bit BMP file.
Owncloud Owncloud 8.2.5
Owncloud Owncloud 9.0.0
Owncloud Owncloud 8.2.1
Owncloud Owncloud 8.2.7
Owncloud Owncloud 9.0.6
Owncloud Owncloud 8.2.6
Owncloud Owncloud 8.2.4
Owncloud Owncloud 8.2.0
Owncloud Owncloud 9.0.4
Owncloud Owncloud 9.0.1
Owncloud Owncloud 9.1.2
Owncloud Owncloud 9.0.3
Owncloud Owncloud 8.2.2
Owncloud Owncloud 9.0.5
Owncloud Owncloud 8.2.8
Owncloud Owncloud
Owncloud Owncloud 9.0.2
Owncloud Owncloud 8.2.3
Owncloud Owncloud 9.1.1
Owncloud Owncloud 9.1.0
5.9
CVSSv3
CVE-2016-5876
ownCloud server prior to 8.2.6 and 9.x prior to 9.0.3, when the gallery app is enabled, allows remote malicious users to download arbitrary images via a direct request.
Owncloud Owncloud 9.0.0
Owncloud Owncloud
Owncloud Owncloud 9.0.1
Owncloud Owncloud 9.0.2
8.4
CVSSv3
CVE-2016-7102
ownCloud Desktop prior to 2.2.3 allows local users to execute arbitrary code and possibly gain privileges via a Trojan library in a "special path" in the C: drive.
Owncloud Owncloud Desktop Client
5.4
CVSSv3
CVE-2016-7419
Cross-site scripting (XSS) vulnerability in share.js in the gallery application in ownCloud Server prior to 9.0.4 and Nextcloud Server prior to 9.0.52 allows remote authenticated users to inject arbitrary web script or HTML via a crafted directory name.
Nextcloud Nextcloud Server
Owncloud Owncloud
3.1
CVSSv3
CVE-2016-1500
ownCloud Server prior to 7.0.12, 8.0.x prior to 8.0.10, 8.1.x prior to 8.1.5, and 8.2.x prior to 8.2.2, when the "file_versions" application is enabled, does not properly check the return value of getOwner, which allows remote authenticated users to read the files with ...
Owncloud Owncloud 8.0.5
Owncloud Owncloud
Owncloud Owncloud 8.1.3
Owncloud Owncloud 8.2.1
Owncloud Owncloud 8.0.3
Owncloud Owncloud 8.0.4
Owncloud Owncloud 8.2.0
Owncloud Owncloud 8.0.9
Owncloud Owncloud 8.0.8
Owncloud Owncloud 8.1.4
Owncloud Owncloud 8.1.0
Owncloud Owncloud 8.0.2
Owncloud Owncloud 8.0.6
Owncloud Owncloud 8.0.0
Owncloud Owncloud 8.1.1
8.5
CVSSv3
CVE-2016-1499
ownCloud Server prior to 8.0.10, 8.1.x prior to 8.1.5, and 8.2.x prior to 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of service (CPU consumption) via the force parameter to index.php/apps/files/ajax/...
Owncloud Owncloud 8.1.3
Owncloud Owncloud 8.2.1
Owncloud Owncloud
Owncloud Owncloud 8.2.0
Owncloud Owncloud 8.1.4
Owncloud Owncloud 8.1.0
Owncloud Owncloud 8.1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »