VIR Vulnerability Intelligence Relay

Search

Found 13 results in 15ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2016-9463 high 8.1 8.1 nextcloudowncloud 9y ago Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9 suffer from SMB User Authentication Bypass. Nextcloud/ownCloud include an optional and not by default enable…
CVE-2016-7102 high 8.4 8.4 owncloud 10y ago ownCloud Desktop before 2.2.3 allows local users to execute arbitrary code and possibly gain privileges via a Trojan library in a "special path" in the C: drive.
CVE-2016-1499 high 8.5 8.5 owncloud 11y ago ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of serv…
CVE-2015-6500 high 7.5 owncloud 11y ago Directory traversal vulnerability in ownCloud Server before 8.0.6 and 8.1.x before 8.1.1 allows remote authenticated users to list directory contents and possibly cause a denial of service (CPU consu…
CVE-2015-4717 high 7.8 owncloud 11y ago The filename sanitization component in ownCloud Server before 6.0.8, 7.0.x before 7.0.6, and 8.0.x before 8.0.4 does not properly handle $_GET parameters cast by PHP to an array, which allows remote …
CVE-2014-2044 high 8.5 EXP owncloud 12y ago Incomplete blacklist vulnerability in ajax/upload.php in ownCloud before 5.0, when running on Windows, allows remote authenticated users to bypass intended access restrictions, upload files with arbi…
CVE-2014-2051 high 7.5 owncloud 12y ago ownCloud Server before 5.0.15 and 6.0.x before 6.0.2 allows remote attackers to conduct an LDAP injection attack via unspecified vectors, as demonstrated using a "login query."
CVE-2014-3834 high 7.5 owncloud 12y ago ownCloud Server before 6.0.3 does not properly check permissions, which allows remote authenticated users to (1) access the contacts of other users via the address book or (2) rename files via unspec…
CVE-2014-2056 high 7.5 owncloudphpdocx 12y ago PHPDocX, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External…
CVE-2014-2055 high 7.5 FIX debian debian fruuxowncloud 12y ago XXE in SabreDAV
CVE-2014-2054 high 7.5 owncloudphpexcel_project 12y ago PHPExcel vulnerable to XXE attacks through libxml
CVE-2014-2053 high 7.5 FIX debian debian getid3owncloud 12y ago getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via a…
CVE-2012-4392 high 7.5 owncloud 14y ago index.php in ownCloud 4.0.7 does not properly validate the oc_token cookie, which allows remote attackers to bypass authentication via a crafted oc_token cookie value.