Vulnerabilities > Nextcloud > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-04-05 | CVE-2017-0885 | Information Exposure vulnerability in Nextcloud Server Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error message disclosing existence of file in write-only share. | 4.3 |
2017-04-05 | CVE-2017-0884 | Incorrect Permission Assignment for Critical Resource vulnerability in Nextcloud Server Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of folders in read-only folders despite lacking permissions issue. | 4.3 |
2017-04-05 | CVE-2017-0883 | Incorrect Permission Assignment for Critical Resource vulnerability in Nextcloud Server Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission increase on re-sharing via OCS API issue. | 5.5 |
2017-03-28 | CVE-2016-9468 | Improper Access Control vulnerability in multiple products Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the dav app. | 5.0 |
2017-03-28 | CVE-2016-9467 | Improper Access Control vulnerability in multiple products Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the files app. | 5.0 |
2017-03-28 | CVE-2016-9466 | Cross-site Scripting vulnerability in multiple products Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from Reflected XSS in the Gallery application. | 4.3 |
2017-03-28 | CVE-2016-9464 | Improper Authorization vulnerability in Nextcloud Server Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on removing shares. | 4.0 |
2017-03-28 | CVE-2016-9463 | Improper Authentication vulnerability in multiple products Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9 suffer from SMB User Authentication Bypass. | 6.8 |
2017-03-28 | CVE-2016-9462 | Improper Access Control vulnerability in multiple products Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying restore privileges when restoring a file. | 4.0 |
2017-03-28 | CVE-2016-9461 | Improper Access Control vulnerability in multiple products Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying edit check permissions on WebDAV copy actions. | 4.0 |