Логотип exploitDog
product: "nextcloud_server"
Консоль
Логотип exploitDog

exploitDog

product: "nextcloud_server"
Nextcloud Server

Nextcloud Serverнабор клиент-серверных программ для создания и использования хранилища данных.

Релизный цикл, информация об уязвимостях

Продукт: Nextcloud Server
Вендор: nextcloud

График релизов

30312024202520262027

Недавние уязвимости Nextcloud Server

Количество 409

nvd логотип

CVE-2017-0887

около 8 лет назад

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a bypass in the quota limitation. Due to not properly sanitizing values provided by the `OC-Total-Length` HTTP header an authenticated adversary may be able to exceed their configured user quota. Thus using more space than allowed by the administrator.

CVSS3: 4.3
EPSS: Низкий
debian логотип

CVE-2017-0887

около 8 лет назад

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a bypass in the ...

CVSS3: 4.3
EPSS: Низкий
nvd логотип

CVE-2017-0886

около 8 лет назад

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Service attack. Due to an error in the application logic an authenticated adversary may trigger an endless recursion in the application leading to a potential Denial of Service.

CVSS3: 6.5
EPSS: Низкий
debian логотип

CVE-2017-0886

около 8 лет назад

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Ser ...

CVSS3: 6.5
EPSS: Низкий
nvd логотип

CVE-2017-0885

около 8 лет назад

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error message disclosing existence of file in write-only share. Due to an error in the application logic an adversary with access to a write-only share may enumerate the names of existing files and subfolders by comparing the exception messages.

CVSS3: 4.3
EPSS: Низкий
debian логотип

CVE-2017-0885

около 8 лет назад

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error message ...

CVSS3: 4.3
EPSS: Низкий
nvd логотип

CVE-2017-0884

около 8 лет назад

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of folders in read-only folders despite lacking permissions issue. Due to a logical error in the file caching layer an authenticated adversary is able to create empty folders inside a shared folder. Note that this only affects folders and files that the adversary has at least read-only permissions for.

CVSS3: 4.3
EPSS: Низкий
debian логотип

CVE-2017-0884

около 8 лет назад

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of f ...

CVSS3: 4.3
EPSS: Низкий
nvd логотип

CVE-2017-0883

около 8 лет назад

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission increase on re-sharing via OCS API issue. A permission related issue within the OCS sharing API allowed an authenticated adversary to reshare shared files with an increasing permission set. This may allow an attacker to edit files in a share despite having only a 'read' permission set. Note that this only affects folders and files that the adversary has at least read-only permissions for.

CVSS3: 6.4
EPSS: Низкий
debian логотип

CVE-2017-0883

около 8 лет назад

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission in ...

CVSS3: 6.4
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
1
nvd логотип
CVE-2017-0887

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a bypass in the quota limitation. Due to not properly sanitizing values provided by the `OC-Total-Length` HTTP header an authenticated adversary may be able to exceed their configured user quota. Thus using more space than allowed by the administrator.

CVSS3: 4.3
0%
Низкий
около 8 лет назад
debian логотип
CVE-2017-0887

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a bypass in the ...

CVSS3: 4.3
0%
Низкий
около 8 лет назад
nvd логотип
CVE-2017-0886

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Service attack. Due to an error in the application logic an authenticated adversary may trigger an endless recursion in the application leading to a potential Denial of Service.

CVSS3: 6.5
1%
Низкий
около 8 лет назад
debian логотип
CVE-2017-0886

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Ser ...

CVSS3: 6.5
1%
Низкий
около 8 лет назад
nvd логотип
CVE-2017-0885

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error message disclosing existence of file in write-only share. Due to an error in the application logic an adversary with access to a write-only share may enumerate the names of existing files and subfolders by comparing the exception messages.

CVSS3: 4.3
1%
Низкий
около 8 лет назад
debian логотип
CVE-2017-0885

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error message ...

CVSS3: 4.3
1%
Низкий
около 8 лет назад
nvd логотип
CVE-2017-0884

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of folders in read-only folders despite lacking permissions issue. Due to a logical error in the file caching layer an authenticated adversary is able to create empty folders inside a shared folder. Note that this only affects folders and files that the adversary has at least read-only permissions for.

CVSS3: 4.3
0%
Низкий
около 8 лет назад
debian логотип
CVE-2017-0884

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of f ...

CVSS3: 4.3
0%
Низкий
около 8 лет назад
nvd логотип
CVE-2017-0883

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission increase on re-sharing via OCS API issue. A permission related issue within the OCS sharing API allowed an authenticated adversary to reshare shared files with an increasing permission set. This may allow an attacker to edit files in a share despite having only a 'read' permission set. Note that this only affects folders and files that the adversary has at least read-only permissions for.

CVSS3: 6.4
0%
Низкий
около 8 лет назад
debian логотип
CVE-2017-0883

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission in ...

CVSS3: 6.4
0%
Низкий
около 8 лет назад

Уязвимостей на страницу

Поделиться