Filter
-Infinity
0

BleepingComputerSurge in attacks exploiting old ThinkPHP and ownCloud flaws

First published (updated )

ownCloud ServerAn issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify, or…

First published (updated )

ownCloudAn issue was discovered in ownCloud owncloud/oauth2 before 0.6.1, when Allow Subdomains is enabled. …

8.7
First published (updated )

ownCloudownCloud graphapi Information Disclosure Vulnerability

First published (updated )

ownCloudownCloud Android app vulnerable to SQL Injection

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

ownCloudownCloud Android app vulnerable to Path Traversal

First published (updated )

ownCloudThe Docker image of ownCloud Server through 10.11 contains a misconfiguration that renders the trust…

First published (updated )

ownCloudownCloud owncloud/core before 10.10.0 Improperly Removes Sensitive Information Before Storage or Tra…

7.5
First published (updated )

ownCloudownCloud owncloud/android 2.20 has Incorrect Access Control for local attackers.

First published (updated )

ownCloudownCloud owncloud/android before 2.20 has Incorrect Access Control for physically proximate attacker…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

OwnCloud Files AntivirusCommand Injection, OS Command Injection

First published (updated )

OwnCloud Files AntivirusMalicious File Upload

8.8
First published (updated )

Red Hat FedoraownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client …

7.8
First published (updated )

ownCloudSSRF

First published (updated )

ownCloudSession fixation on password protected public links in the ownCloud Server before 10.8.0 allows an a…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

ownCloudA receiver of a federated share with access to the database with ownCloud version before 10.8 could …

First published (updated )

ownCloudThe shareinfo controller in the ownCloud Server before 10.8.0 allows an attacker to bypass the permi…

First published (updated )

ownCloudThe public share controller in the ownCloud server before version 10.8.0 allows a remote attacker to…

First published (updated )

ownCloudownCloud 10.7 has an incorrect access control vulnerability, leading to remote information disclosur…

First published (updated )

ownCloud Desktop ClientownCloud owncloud/client before 2.7 allows DLL Injection. The desktop client loaded development plug…

7.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

ownCloudThe ownCloud application before 2.15 for Android allows attackers to use adb to include a PIN prefer…

First published (updated )

ownCloud File FirewallThe File Firewall before 2.8.0 for ownCloud Server does not properly enforce file-type restrictions …

7.5
First published (updated )

ownCloudIn the ownCloud application before 2.15 for Android, the lock protection mechanism can be bypassed b…

First published (updated )

ownCloudownCloud Server before 10.3.0 allows an attacker, who has received non-administrative access to a gr…

First published (updated )

ownCloudownCloud Server 10.x before 10.3.1 allows an attacker, who has one outgoing share from a victim, to …

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

ownCloudSSRF

8.3
First published (updated )

ownCloudAn issue was discovered in ownCloud before 10.4. An attacker can bypass authentication on a password…

First published (updated )

ownCloudInput Validation

First published (updated )

ownCloudCSRF

First published (updated )

OwnCloud Files AntivirusWhen using an object storage like S3 as the file store, when a user creates a public link to a folde…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203