Количество 409
Количество 409
CVE-2020-8154
An Insecure direct object reference vulnerability in Nextcloud Server ...
CVE-2020-8152
Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the public key to decrypt them later on.
CVE-2020-8152
Insufficient protection of the server-side encryption keys in Nextclou ...
CVE-2020-8150
A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files.
CVE-2020-8150
A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker t ...
CVE-2020-8139
A missing access control check in Nextcloud Server < 18.0.1, < 17.0.4, and < 16.0.9 causes hide-download shares to be downloadable when appending /download to the URL.
CVE-2020-8139
A missing access control check in Nextcloud Server < 18.0.1, < 17.0.4, ...
CVE-2020-8138
A missing check for IPv4 nested inside IPv6 in Nextcloud server < 17.0.1, < 16.0.7, and < 15.0.14 allowed a Server-Side Request Forgery (SSRF) vulnerability when subscribing to a malicious calendar URL.
CVE-2020-8138
A missing check for IPv4 nested inside IPv6 in Nextcloud server < 17.0 ...
CVE-2020-8133
A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file.
CVE-2020-8133
A wrong generation of the passphrase for the encrypted block in Nextcl ...
CVE-2020-8122
A missing check in Nextcloud Server 14.0.3 could give recipient the possibility to extend the expiration date of a share they received.
CVE-2020-8122
A missing check in Nextcloud Server 14.0.3 could give recipient the po ...
CVE-2020-8121
A bug in Nextcloud Server 14.0.4 could expose more data in reshared link shares than intended by the sharer.
CVE-2020-8121
A bug in Nextcloud Server 14.0.4 could expose more data in reshared li ...
CVE-2020-8120
A reflected Cross-Site Scripting vulnerability in Nextcloud Server 16.0.1 was discovered in the svg generation.
CVE-2020-8120
A reflected Cross-Site Scripting vulnerability in Nextcloud Server 16. ...
CVE-2020-8119
Improper authorization in Nextcloud server 17.0.0 causes leaking of previews and files when a file-drop share link is opened via the gallery app.
CVE-2020-8119
Improper authorization in Nextcloud server 17.0.0 causes leaking of pr ...
CVE-2020-8117
Improper preservation of permissions in Nextcloud Server 14.0.3 causes the event details to be leaked when sharing a non-public event.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| CVE-2020-8154 An Insecure direct object reference vulnerability in Nextcloud Server ... | CVSS3: 7.7 | 1% Низкий | около 5 лет назад |
 | CVE-2020-8152 Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the public key to decrypt them later on. | CVSS3: 4.4 | 0% Низкий | больше 4 лет назад |
| CVE-2020-8152 Insufficient protection of the server-side encryption keys in Nextclou ... | CVSS3: 4.4 | 0% Низкий | больше 4 лет назад |
| CVE-2020-8150 A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files. | CVSS3: 4.1 | 0% Низкий | больше 4 лет назад |
| CVE-2020-8150 A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker t ... | CVSS3: 4.1 | 0% Низкий | больше 4 лет назад |
| CVE-2020-8139 A missing access control check in Nextcloud Server < 18.0.1, < 17.0.4, and < 16.0.9 causes hide-download shares to be downloadable when appending /download to the URL. | CVSS3: 6.5 | 0% Низкий | больше 5 лет назад |
| CVE-2020-8139 A missing access control check in Nextcloud Server < 18.0.1, < 17.0.4, ... | CVSS3: 6.5 | 0% Низкий | больше 5 лет назад |
| CVE-2020-8138 A missing check for IPv4 nested inside IPv6 in Nextcloud server < 17.0.1, < 16.0.7, and < 15.0.14 allowed a Server-Side Request Forgery (SSRF) vulnerability when subscribing to a malicious calendar URL. | CVSS3: 6.5 | 0% Низкий | больше 5 лет назад |
| CVE-2020-8138 A missing check for IPv4 nested inside IPv6 in Nextcloud server < 17.0 ... | CVSS3: 6.5 | 0% Низкий | больше 5 лет назад |
| CVE-2020-8133 A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file. | CVSS3: 5.3 | 0% Низкий | больше 4 лет назад |
| CVE-2020-8133 A wrong generation of the passphrase for the encrypted block in Nextcl ... | CVSS3: 5.3 | 0% Низкий | больше 4 лет назад |
| CVE-2020-8122 A missing check in Nextcloud Server 14.0.3 could give recipient the possibility to extend the expiration date of a share they received. | CVSS3: 4.3 | 0% Низкий | больше 5 лет назад |
| CVE-2020-8122 A missing check in Nextcloud Server 14.0.3 could give recipient the po ... | CVSS3: 4.3 | 0% Низкий | больше 5 лет назад |
| CVE-2020-8121 A bug in Nextcloud Server 14.0.4 could expose more data in reshared link shares than intended by the sharer. | CVSS3: 8.1 | 0% Низкий | больше 5 лет назад |
| CVE-2020-8121 A bug in Nextcloud Server 14.0.4 could expose more data in reshared li ... | CVSS3: 8.1 | 0% Низкий | больше 5 лет назад |
| CVE-2020-8120 A reflected Cross-Site Scripting vulnerability in Nextcloud Server 16.0.1 was discovered in the svg generation. | CVSS3: 6.1 | 0% Низкий | больше 5 лет назад |
| CVE-2020-8120 A reflected Cross-Site Scripting vulnerability in Nextcloud Server 16. ... | CVSS3: 6.1 | 0% Низкий | больше 5 лет назад |
| CVE-2020-8119 Improper authorization in Nextcloud server 17.0.0 causes leaking of previews and files when a file-drop share link is opened via the gallery app. | CVSS3: 4.3 | 1% Низкий | больше 5 лет назад |
| CVE-2020-8119 Improper authorization in Nextcloud server 17.0.0 causes leaking of pr ... | CVSS3: 4.3 | 1% Низкий | больше 5 лет назад |
| CVE-2020-8117 Improper preservation of permissions in Nextcloud Server 14.0.3 causes the event details to be leaked when sharing a non-public event. | CVSS3: 4.3 | 0% Низкий | больше 5 лет назад |
Уязвимостей на страницу