exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 437

CVE-2019-15613

почти 6 лет назад

A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes.

CVSS3: 8

EPSS: Низкий

CVE-2019-15613

почти 6 лет назад

A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend t ...

CVSS3: 8

EPSS: Низкий

CVE-2019-15612

почти 6 лет назад

A bug in Nextcloud Server 15.0.2 causes pending 2FA logins to not be correctly expired when the password of the user is reset.

CVSS3: 5.9

EPSS: Низкий

CVE-2019-15612

почти 6 лет назад

A bug in Nextcloud Server 15.0.2 causes pending 2FA logins to not be c ...

CVSS3: 5.9

EPSS: Низкий

CVE-2018-3780

больше 7 лет назад

A missing sanitization of search results for an autocomplete field in NextCloud Server <13.0.5 could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names, hence malicious search results could only be crafted by authenticated users.

CVSS3: 5.4

EPSS: Низкий

CVE-2018-3780

больше 7 лет назад

A missing sanitization of search results for an autocomplete field in ...

CVSS3: 5.4

EPSS: Низкий

CVE-2018-3776

больше 7 лет назад

Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.

CVSS3: 5.3

EPSS: Низкий

CVE-2018-3776

больше 7 лет назад

Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.

CVSS3: 5.3

EPSS: Низкий

CVE-2018-3776

больше 7 лет назад

Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0. ...

CVSS3: 5.3

EPSS: Низкий

CVE-2018-3775

больше 7 лет назад

Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 Factor Authentication.

CVSS3: 8.8

EPSS: Низкий

CVE-2018-3775

больше 7 лет назад

Improper Authentication in Nextcloud Server prior to version 12.0.3 wo ...

CVSS3: 8.8

EPSS: Низкий

CVE-2018-3762

больше 7 лет назад

Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it should not have access to.

CVSS3: 4.3

EPSS: Низкий

CVE-2018-3762

больше 7 лет назад

Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks ...

CVSS3: 4.3

EPSS: Низкий

CVE-2018-3761

больше 7 лет назад

Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper authentication on the OAuth2 token endpoint. Missing checks potentially allowed handing out new tokens in case the OAuth2 client was partly compromised.

CVSS3: 8.1

EPSS: Низкий

CVE-2018-3761

больше 7 лет назад

Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper authent ...

CVSS3: 8.1

EPSS: Низкий

CVE-2018-16467

около 7 лет назад

A missing check in Nextcloud Server prior to 14.0.0 could give unauthorized access to the previews of single file password protected shares.

CVSS3: 5.3

EPSS: Низкий

CVE-2018-16467

около 7 лет назад

A missing check in Nextcloud Server prior to 14.0.0 could give unautho ...

CVSS3: 5.3

EPSS: Низкий

CVE-2018-16466

около 7 лет назад

Improper revalidation of permissions in Nextcloud Server prior to 14.0.0, 13.0.6 and 12.0.11 lead to not accepting access restrictions by acess tokens.

CVSS3: 8.1

EPSS: Низкий

CVE-2018-16466

около 7 лет назад

Improper revalidation of permissions in Nextcloud Server prior to 14.0 ...

CVSS3: 8.1

EPSS: Низкий

CVE-2018-16465

около 7 лет назад

Missing state in Nextcloud Server prior to 14.0.0 would not enforce the use of a second factor at login if the the provider of the second factor failed to load.

CVSS3: 5.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2019-15613 A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes.	CVSS3: 8	0% Низкий	почти 6 лет назад
CVE-2019-15613 A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend t ...	CVSS3: 8	0% Низкий	почти 6 лет назад
CVE-2019-15612 A bug in Nextcloud Server 15.0.2 causes pending 2FA logins to not be correctly expired when the password of the user is reset.	CVSS3: 5.9	0% Низкий	почти 6 лет назад
CVE-2019-15612 A bug in Nextcloud Server 15.0.2 causes pending 2FA logins to not be c ...	CVSS3: 5.9	0% Низкий	почти 6 лет назад
CVE-2018-3780 A missing sanitization of search results for an autocomplete field in NextCloud Server <13.0.5 could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names, hence malicious search results could only be crafted by authenticated users.	CVSS3: 5.4	1% Низкий	больше 7 лет назад
CVE-2018-3780 A missing sanitization of search results for an autocomplete field in ...	CVSS3: 5.4	1% Низкий	больше 7 лет назад
CVE-2018-3776 Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.	CVSS3: 5.3	1% Низкий	больше 7 лет назад
CVE-2018-3776 Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.	CVSS3: 5.3	1% Низкий	больше 7 лет назад
CVE-2018-3776 Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0. ...	CVSS3: 5.3	1% Низкий	больше 7 лет назад
CVE-2018-3775 Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 Factor Authentication.	CVSS3: 8.8	0% Низкий	больше 7 лет назад
CVE-2018-3775 Improper Authentication in Nextcloud Server prior to version 12.0.3 wo ...	CVSS3: 8.8	0% Низкий	больше 7 лет назад
CVE-2018-3762 Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it should not have access to.	CVSS3: 4.3	0% Низкий	больше 7 лет назад
CVE-2018-3762 Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks ...	CVSS3: 4.3	0% Низкий	больше 7 лет назад
CVE-2018-3761 Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper authentication on the OAuth2 token endpoint. Missing checks potentially allowed handing out new tokens in case the OAuth2 client was partly compromised.	CVSS3: 8.1	1% Низкий	больше 7 лет назад
CVE-2018-3761 Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper authent ...	CVSS3: 8.1	1% Низкий	больше 7 лет назад
CVE-2018-16467 A missing check in Nextcloud Server prior to 14.0.0 could give unauthorized access to the previews of single file password protected shares.	CVSS3: 5.3	0% Низкий	около 7 лет назад
CVE-2018-16467 A missing check in Nextcloud Server prior to 14.0.0 could give unautho ...	CVSS3: 5.3	0% Низкий	около 7 лет назад
CVE-2018-16466 Improper revalidation of permissions in Nextcloud Server prior to 14.0.0, 13.0.6 and 12.0.11 lead to not accepting access restrictions by acess tokens.	CVSS3: 8.1	0% Низкий	около 7 лет назад
CVE-2018-16466 Improper revalidation of permissions in Nextcloud Server prior to 14.0 ...	CVSS3: 8.1	0% Низкий	около 7 лет назад
CVE-2018-16465 Missing state in Nextcloud Server prior to 14.0.0 would not enforce the use of a second factor at login if the the provider of the second factor failed to load.	CVSS3: 5.3	0% Низкий	около 7 лет назад

Уязвимостей на страницу