Client
by OwnCloud
Source repositories
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-50477 | 0.00 | — | 0.01 | Dec 21, 2023 | An issue was discovered in nos client version 0.6.6, allows remote attackers to escalate privileges via getRPCEndpoint.js. | |||
| CVE-2021-44537 | 0.00 | — | 0.03 | Jan 15, 2022 | ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution. | |||
| CVE-2015-5955 | 0.00 | — | 0.01 | Oct 29, 2015 | ownCloud iOS app before 3.4.4 does not properly switch state between multiple instances, which might allow remote instance administrators to obtain sensitive credential and cookie information by reading authentication headers. | |||
| CVE-2015-7298 | 0.00 | — | 0.01 | Oct 26, 2015 | ownCloud Desktop Client before 2.0.1, when compiled with a Qt release after 5.3.x, does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which makes it easier for remote attackers to conduct man-in-the-middle (MITM) attacks by leveraging a server… |
- CVE-2023-50477Dec 21, 2023risk 0.00cvss —epss 0.01
An issue was discovered in nos client version 0.6.6, allows remote attackers to escalate privileges via getRPCEndpoint.js.
- CVE-2021-44537Jan 15, 2022risk 0.00cvss —epss 0.03
ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution.
- CVE-2015-5955Oct 29, 2015risk 0.00cvss —epss 0.01
ownCloud iOS app before 3.4.4 does not properly switch state between multiple instances, which might allow remote instance administrators to obtain sensitive credential and cookie information by reading authentication headers.
- CVE-2015-7298Oct 26, 2015risk 0.00cvss —epss 0.01
ownCloud Desktop Client before 2.0.1, when compiled with a Qt release after 5.3.x, does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which makes it easier for remote attackers to conduct man-in-the-middle (MITM) attacks by leveraging a server…