Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
owncloud owncloud vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-1499
ownCloud Server prior to 8.0.10, 8.1.x prior to 8.1.5, and 8.2.x prior to 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of service (CPU consumption) via the force parameter to index.php/apps/files/ajax/...
Owncloud Owncloud 8.1.1
Owncloud Owncloud 8.1.3
Owncloud Owncloud 8.1.4
Owncloud Owncloud 8.2.0
Owncloud Owncloud
Owncloud Owncloud 8.1.0
Owncloud Owncloud 8.2.1
4
CVSSv2
CVE-2016-1501
ownCloud Server prior to 8.0.9 and 8.1.x prior to 8.1.4 allow remote authenticated users to obtain sensitive information via unspecified vectors, which reveals the installation path in the resulting exception messages.
Owncloud Owncloud 8.1.1
Owncloud Owncloud 8.1.0
Owncloud Owncloud 8.1.3
Owncloud Owncloud
5
CVSSv2
CVE-2015-5955
ownCloud iOS app prior to 3.4.4 does not properly switch state between multiple instances, which might allow remote instance administrators to obtain sensitive credential and cookie information by reading authentication headers.
Owncloud Owncloud
4.3
CVSSv2
CVE-2015-3996
The default AFSecurityPolicy.validatesDomainName configuration for AFSSLPinningModeNone in the AFNetworking framework prior to 2.5.3, as used in the ownCloud iOS Library, disables verification of a server hostname against the domain name in the subject's Common Name (CN) of ...
Afnetworking Project Afnetworking
9
CVSSv2
CVE-2015-7699
The files_external app in ownCloud Server prior to 7.0.9, 8.0.x prior to 8.0.7, and 8.1.x prior to 8.1.2 allows remote authenticated users to instantiate arbitrary classes and possibly execute arbitrary code via a crafted mount point option, related to "objectstore."
Owncloud Owncloud 7.0.3
Owncloud Owncloud 7.0.5
Owncloud Owncloud 8.0.5
Owncloud Owncloud 7.0.7
Owncloud Owncloud 8.0.0
Owncloud Owncloud 8.0.2
Owncloud Owncloud 8.0.3
Owncloud Owncloud 7.0.0
Owncloud Owncloud 7.0.1
Owncloud Owncloud 7.0.2
Owncloud Owncloud 7.0.4
Owncloud Owncloud 7.0.6
Owncloud Owncloud 8.0.4
Owncloud Owncloud 8.1.0
2.6
CVSSv2
CVE-2015-4456
ownCloud Desktop Client prior to 1.8.2 does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which allows man-in-the-middle malicious users to bypass the user's certificate distrust decision and obtain sensitive information by leveraging a self-...
Owncloud Owncloud Desktop Client
5.1
CVSSv2
CVE-2015-7298
ownCloud Desktop Client prior to 2.0.1, when compiled with a Qt release after 5.3.x, does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which makes it easier for remote malicious users to conduct man-in-the-middle (MITM) attacks by leveraging a se...
Owncloud Owncloud Desktop Client
Qt Qt 5.4.1
Qt Qt 5.3.0
7.5
CVSSv2
CVE-2015-6500
Directory traversal vulnerability in ownCloud Server prior to 8.0.6 and 8.1.x prior to 8.1.1 allows remote authenticated users to list directory contents and possibly cause a denial of service (CPU consumption) via a .. (dot dot) in the dir parameter to index.php/apps/files/ajax/...
Owncloud Owncloud 7.0.0
Owncloud Owncloud 7.0.7
Owncloud Owncloud 8.0.0
Owncloud Owncloud 7.0.5
Owncloud Owncloud 7.0.6
Owncloud Owncloud 8.1.0
Owncloud Owncloud 7.0.3
Owncloud Owncloud 7.0.4
Owncloud Owncloud 8.0.4
Owncloud Owncloud 8.0.5
Owncloud Owncloud 7.0.1
Owncloud Owncloud 7.0.2
Owncloud Owncloud 8.0.2
Owncloud Owncloud 8.0.3
4
CVSSv2
CVE-2015-6670
ownCloud Server prior to 7.0.8, 8.0.x prior to 8.0.6, and 8.1.x prior to 8.1.1 does not properly check ownership of calendars, which allows remote authenticated users to read arbitrary calendars via the calid parameter to apps/calendar/export.php.
Owncloud Owncloud 7.0.6
Owncloud Owncloud 7.0.7
Owncloud Owncloud 7.0.4
Owncloud Owncloud 7.0.5
Owncloud Owncloud 8.0.5
Owncloud Owncloud 8.1.0
Owncloud Owncloud 7.0.2
Owncloud Owncloud 7.0.3
Owncloud Owncloud 8.0.3
Owncloud Owncloud 8.0.4
Owncloud Owncloud 7.0.0
Owncloud Owncloud 7.0.1
Owncloud Owncloud 8.0.0
Owncloud Owncloud 8.0.2
10
CVSSv2
CVE-2015-4716
Directory traversal vulnerability in the routing component in ownCloud Server prior to 7.0.6 and 8.0.x prior to 8.0.4, when running on Windows, allows remote malicious users to reinstall the application or execute arbitrary code via unspecified vectors.
Owncloud Owncloud
Owncloud Owncloud 8.0.0
Owncloud Owncloud 8.0.2
Owncloud Owncloud 8.0.3
Microsoft Windows
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »