Vulnerabilities > Owncloud
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-20 | CVE-2021-29659 | Incorrect Authorization vulnerability in Owncloud 10.7.0 ownCloud 10.7 has an incorrect access control vulnerability, leading to remote information disclosure. | 4.0 |
| 2021-02-26 | CVE-2020-28646 | Uncontrolled Search Path Element vulnerability in Owncloud ownCloud owncloud/client before 2.7 allows DLL Injection. | 4.4 |
| 2021-02-19 | CVE-2020-36248 | Cleartext Storage of Sensitive Information vulnerability in Owncloud The ownCloud application before 2.15 for Android allows attackers to use adb to include a PIN preferences value in a backup archive, and consequently bypass the PIN lock feature by restoring from this archive. | 2.1 |
| 2021-02-19 | CVE-2020-36252 | Exposure of Resource TO Wrong Sphere vulnerability in Owncloud ownCloud Server 10.x before 10.3.1 allows an attacker, who has one outgoing share from a victim, to access any version of any file by sending a request for a predictable ID number. | 2.7 |
| 2021-02-19 | CVE-2020-36251 | Improper Privilege Management vulnerability in Owncloud ownCloud Server before 10.3.0 allows an attacker, who has received non-administrative access to a group share, to remove everyone else's access to that share. | 4.0 |
| 2021-02-19 | CVE-2020-36250 | Inadequate Encryption Strength vulnerability in Owncloud In the ownCloud application before 2.15 for Android, the lock protection mechanism can be bypassed by moving the system date/time into the past. | 2.1 |
| 2021-02-19 | CVE-2020-36249 | Unspecified vulnerability in Owncloud File Firewall The File Firewall before 2.8.0 for ownCloud Server does not properly enforce file-type restrictions for public shares. | 5.0 |
| 2021-02-19 | CVE-2020-10254 | Improper Authentication vulnerability in Owncloud An issue was discovered in ownCloud before 10.4. | 4.3 |
| 2021-02-19 | CVE-2020-10252 | Server-Side Request Forgery (SSRF) vulnerability in Owncloud An issue was discovered in ownCloud before 10.4. | 6.5 |
| 2021-02-09 | CVE-2020-28645 | Improper Input Validation vulnerability in Owncloud Deleting users with certain names caused system files to be deleted. | 5.0 |