VYPR vendor CVEs: OwnCloud (all CVEs)

169 total · sorted by risk
  • CVE-2019-25337 · Critical · Feb 12, 2026
    risk 0.64 · CVSS 9.8 · EPSS 0.00

    OwnCloud 8.1.8 contains a username enumeration vulnerability that allows remote attackers to discover user accounts by manipulating the share.php endpoint. Attackers can send crafted GET requests to /index.php/core/ajax/share.php with a wildcard search parameter to retrieve…

  • CVE-2014-2048 · Critical · Mar 26, 2018
    risk 0.64 · CVSS 9.8 · EPSS 0.03

    The user_openid app in ownCloud Server before 5.0.15 allows remote attackers to obtain access by leveraging an insecure OpenID implementation.

  • CVE-2016-1499 · High · Jan 8, 2016
    risk 0.56 · CVSS 8.5 · EPSS 0.03

    ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of service (CPU consumption) via the force parameter to…

  • CVE-2016-7102 · High · Jan 23, 2017
    risk 0.55 · CVSS 8.4 · EPSS 0.01

    ownCloud Desktop before 2.2.3 allows local users to execute arbitrary code and possibly gain privileges via a Trojan library in a "special path" in the C: drive.

  • CVE-2016-9463 · High · Mar 28, 2017
    risk 0.53 · CVSS 8.1 · EPSS 0.04

    Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9 suffer from SMB User Authentication Bypass. Nextcloud/ownCloud include an optional and not by default enabled SMB authentication component that allows authenticating users against an SMB…

  • CVE-2024-50657 · Medium · Nov 22, 2024
    risk 0.44 · CVSS 6.8 · EPSS 0.00

    An issue in Owncloud android apk v.4.3.1 allows a physically proximate attacker to escalate privileges via the PassCodeViewModel class, specifically in the checkPassCodeIsValid method

  • CVE-2023-7273 · Medium · Oct 1, 2024
    risk 0.44 · CVSS 6.8 · EPSS 0.00

    Cross site request forgery in Kiteworks OwnCloud allows an unauthenticated attacker to forge requests. If a request has no Authorization header, it is created with an empty string as value by a rewrite rule. The CSRF check is done by comparing the header value to null, meaning…

  • CVE-2017-9340 · Medium · Jul 17, 2017
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    An attacker is logged in as a normal user and can somehow make admin to delete shared folders in ownCloud Server before 10.0.2.

  • CVE-2017-5867 · Medium · Mar 3, 2017
    risk 0.42 · CVSS 6.5 · EPSS 0.01

    ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows remote authenticated users to cause a denial of service (server hang and logfile flooding) via a one bit BMP file.

  • CVE-2017-8896 · Medium · Jul 17, 2017
    risk 0.40 · CVSS 6.1 · EPSS 0.01

    ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2 are vulnerable to XSS on error pages by injecting code in url parameters.

  • CVE-2016-9466 · Medium · Mar 28, 2017
    risk 0.40 · CVSS 6.1 · EPSS 0.02

    Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from Reflected XSS in the Gallery application. The gallery app was not properly sanitizing exception messages from the Nextcloud/ownCloud server. Due to an endpoint where an attacker could influence…

  • CVE-2016-9459 · Medium · Mar 28, 2017
    risk 0.40 · CVSS 6.1 · EPSS 0.01

    Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a log pollution vulnerability potentially leading to a local XSS. The download log functionality in the admin screen is delivering the log in JSON format to the end-user. The file was delivered with…

  • CVE-2016-1498 · Medium · Jan 8, 2016
    risk 0.40 · CVSS 6.1 · EPSS 0.01

    Cross-site scripting (XSS) vulnerability in the OCS discovery provider component in ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a…

  • CVE-2014-1665 · Medium · Mar 20, 2018
    risk 0.38 · CVSS 5.4 · EPSS 0.03

    Cross-site scripting (XSS) vulnerability in ownCloud before 6.0.1 allows remote authenticated users to inject arbitrary web script or HTML via the filename of an uploaded file.

  • CVE-2016-5876 · Medium · Jan 23, 2017
    risk 0.38 · CVSS 5.9 · EPSS 0.01

    ownCloud server before 8.2.6 and 9.x before 9.0.3, when the gallery app is enabled, allows remote attackers to download arbitrary images via a direct request.

  • CVE-2017-9339 · Medium · Jul 17, 2017
    risk 0.35 · CVSS 5.3 · EPSS 0.01

    A logical error in ownCloud Server before 10.0.2 caused disclosure of valid share tokens for public calendars. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token.

  • CVE-2017-9338 · Medium · Jul 17, 2017
    risk 0.35 · CVSS 5.4 · EPSS 0.01

    Inadequate escaping lead to XSS vulnerability in the search module in ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2. To be exploitable a user has to write or paste malicious content into the search dialogue.

  • CVE-2016-9468 · Medium · Mar 28, 2017
    risk 0.35 · CVSS 5.3 · EPSS 0.02

    Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the dav app. The exception message displayed on the DAV endpoints contained partially user-controllable input leading to a potential misrepresentation of…

  • CVE-2016-9467 · Medium · Mar 28, 2017
    risk 0.35 · CVSS 5.3 · EPSS 0.03

    Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structure and…

  • CVE-2016-9465 · Medium · Mar 28, 2017
    risk 0.35 · CVSS 5.4 · EPSS 0.01

    Nextcloud Server before 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from Stored XSS in CardDAV image export. The CardDAV image export functionality as implemented in Nextcloud/ownCloud allows the download of images stored within a vCard. Due to not performing any kind…

  • CVE-2016-9460 · Medium · Mar 28, 2017
    risk 0.35 · CVSS 5.3 · EPSS 0.02

    Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a content-spoofing attack in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structure and use…

  • CVE-2016-7419 · Medium · Sep 17, 2016
    risk 0.35 · CVSS 5.4 · EPSS 0.01

    Cross-site scripting (XSS) vulnerability in share.js in the gallery application in ownCloud Server before 9.0.4 and Nextcloud Server before 9.0.52 allows remote authenticated users to inject arbitrary web script or HTML via a crafted directory name.

  • CVE-2016-9462 · Medium · Mar 28, 2017
    risk 0.28 · CVSS 4.3 · EPSS 0.02

    Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying restore privileges when restoring a file. The restore capability of Nextcloud/ownCloud was not verifying whether a user has only read-only access to a share. Thus a user with read-only…

  • CVE-2016-9461 · Medium · Mar 28, 2017
    risk 0.28 · CVSS 4.3 · EPSS 0.02

    Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying edit check permissions on WebDAV copy actions. The WebDAV endpoint was not properly checking the permission on a WebDAV COPY action. This allowed an authenticated attacker with access to a…

  • CVE-2017-5866 · Medium · Mar 3, 2017
    risk 0.28 · CVSS 4.3 · EPSS 0.01

    The autocomplete feature in the E-Mail share dialog in ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows remote authenticated users to obtain sensitive information via unspecified vectors.

  • CVE-2016-1501 · Medium · Jan 8, 2016
    risk 0.28 · CVSS 4.3 · EPSS 0.02

    ownCloud Server before 8.0.9 and 8.1.x before 8.1.4 allow remote authenticated users to obtain sensitive information via unspecified vectors, which reveals the installation path in the resulting exception messages.

  • CVE-2017-5865 · Low · Mar 3, 2017
    risk 0.24 · CVSS 3.7 · EPSS 0.01

    The password reset functionality in ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 sends different error messages depending on whether the username is valid, which allows remote attackers to enumerate user names via a large number…

  • CVE-2023-49103 · KEV · Nov 21, 2023
    risk 0.23 · CVSS not listed · EPSS 0.78

    An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo).…

  • CVE-2016-1500 · Low · Jan 8, 2016
    risk 0.20 · CVSS 3.1 · EPSS 0.01

    ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2, when the "file_versions" application is enabled, does not properly check the return value of getOwner, which allows remote authenticated users to read the files with names starting…

  • CVE-2023-49105 · Nov 21, 2023
    risk 0.07 · CVSS not listed · EPSS 0.11

    An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify, or delete any file without authentication if the username of a victim is known, and the victim has no signing-key configured. This occurs because pre-signed URLs can be accepted…

  • CVE-2014-2044 · Oct 6, 2014
    risk 0.04 · CVSS not listed · EPSS 0.12

    Incomplete blacklist vulnerability in ajax/upload.php in ownCloud before 5.0, when running on Windows, allows remote authenticated users to bypass intended access restrictions, upload files with arbitrary names, and execute arbitrary code via an Alternate Data Stream (ADS)…

  • CVE-2015-4716 · Oct 21, 2015
    risk 0.02 · CVSS not listed · EPSS 0.25

    Directory traversal vulnerability in the routing component in ownCloud Server before 7.0.6 and 8.0.x before 8.0.4, when running on Windows, allows remote attackers to reinstall the application or execute arbitrary code via unspecified vectors.

  • CVE-2025-59716 · Nov 5, 2025
    risk 0.00 · CVSS not listed · EPSS 0.01

    ownCloud Guests before 0.12.5 allows unauthenticated user enumeration via the /apps/guests/register/{email}/{token} endpoint. Because of insufficient validation of the supplied token in showPasswordForm, the server responds differently when an e-mail address corresponds to a…

  • CVE-2024-22402 · Jan 18, 2024
    risk 0.00 · CVSS not listed · EPSS 0.01

    Nextcloud guests app is a utility to create guest users which can only see files shared with them. In affected versions users were able to load the first page of apps they were actually not allowed to access. Depending on the selection of apps installed this may present a…

  • CVE-2024-22401 · Jan 18, 2024
    risk 0.00 · CVSS not listed · EPSS 0.00

    Nextcloud guests app is a utility to create guest users which can only see files shared with them. In affected versions users could change the allowed list of apps, allowing them to use apps that were not intended to be used. It is recommended that the Guests app is upgraded to…

  • CVE-2023-50477 · Dec 21, 2023
    risk 0.00 · CVSS not listed · EPSS 0.01

    An issue was discovered in nos client version 0.6.6, allows remote attackers to escalate privileges via getRPCEndpoint.js.

  • CVE-2023-49104 · Nov 21, 2023
    risk 0.00 · CVSS not listed · EPSS 0.01

    An issue was discovered in ownCloud owncloud/oauth2 before 0.6.1, when Allow Subdomains is enabled. An attacker is able to pass in a crafted redirect-url that bypasses validation, and consequently allows an attacker to redirect callbacks to a Top Level Domain controlled by the…

  • CVE-2023-3615 · Jul 17, 2023
    risk 0.00 · CVSS not listed · EPSS 0.00

    Mattermost iOS app fails to properly validate the server certificate while initializing the TLS connection allowing a network attacker to intercept the WebSockets connection.

  • CVE-2022-43679 · Nov 10, 2022
    risk 0.00 · CVSS not listed · EPSS 0.00

    The Docker image of ownCloud Server through 10.11 contains a misconfiguration that renders the trusted_domains config useless. This could be abused to spoof the URL in password-reset e-mail messages.

  • CVE-2022-31649 · Jun 9, 2022
    risk 0.00 · CVSS not listed · EPSS 0.01

    ownCloud owncloud/core before 10.10.0 Improperly Removes Sensitive Information Before Storage or Transfer.

  • CVE-2022-25339 · Apr 7, 2022
    risk 0.00 · CVSS not listed · EPSS 0.00

    ownCloud owncloud/android 2.20 has Incorrect Access Control for local attackers.

  • CVE-2022-25338 · Apr 7, 2022
    risk 0.00 · CVSS not listed · EPSS 0.00

    ownCloud owncloud/android before 2.20 has Incorrect Access Control for physically proximate attackers.

  • CVE-2021-33827 · Jan 15, 2022
    risk 0.00 · CVSS not listed · EPSS 0.02

    The files_antivirus component before 1.0.0 for ownCloud allows OS Command Injection via the administration settings.

  • CVE-2021-33828 · Jan 15, 2022
    risk 0.00 · CVSS not listed · EPSS 0.01

    The files_antivirus component before 1.0.0 for ownCloud mishandles the protection mechanism by which malicious files (that have been uploaded to a public share) are supposed to be deleted upon detection.

  • CVE-2021-44537 · Jan 15, 2022
    risk 0.00 · CVSS not listed · EPSS 0.03

    ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution.

  • CVE-2021-40537 · Sep 8, 2021
    risk 0.00 · CVSS not listed · EPSS 0.01

    Server Side Request Forgery (SSRF) vulnerability exists in owncloud/user_ldap < 0.15.4 in the settings of the user_ldap app. Administration role is necessary for exploitation.

  • CVE-2021-35946 · Sep 7, 2021
    risk 0.00 · CVSS not listed · EPSS 0.01

    A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions.

  • CVE-2021-35949 · Sep 7, 2021
    risk 0.00 · CVSS not listed · EPSS 0.01

    The shareinfo controller in the ownCloud Server before 10.8.0 allows an attacker to bypass the permission checks for upload only shares and list metadata about the share.

  • CVE-2021-35947 · Sep 7, 2021
    risk 0.00 · CVSS not listed · EPSS 0.01

    The public share controller in the ownCloud server before version 10.8.0 allows a remote attacker to see the internal path and the username of a public share by including invalid characters in the URL.

  • CVE-2021-29659 · May 20, 2021
    risk 0.00 · CVSS not listed · EPSS 0.01

    ownCloud 10.7 has an incorrect access control vulnerability, leading to remote information disclosure. Due to a bug in the related API endpoint, the attacker can enumerate all users in a single request by entering three whitespaces. Secondary, the retrieval of all users on a…

Page 1 of 4