Free Trial

Nextcloud Latest vulnerabilities released

Overview :
Multiple vulnerabilities reported in Nextcloud
Affected Product(s) :
  • Nextcloud Social app version 0.3.1
  • Nextcloud Social < 0.4.0
Vulnerability Details :
CVE ID : CVE-2020-8278
Improper access control in Nextcloud Social app version 0.3.1 allowed to read posts of any user.
CVE ID : CVE-2020-8279
Missing validation of server certificates for out-going connections in Nextcloud Social < 0.4.0 allowed a man-in-the-middle attack.

Solution :

This vulnerability is currently awaiting analysis.

 

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-47480 : DELL INVENTORY COLLECTOR CLIENT UP TO 12.6.X SYMLINK

CVE-2024-47480 : DELL INVENTORY COLLECTOR CLIENT UP TO 12.6.X SYMLINK

Description Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution Before File Access vulnerability. A low-privilege

Learn more
CVE-2024-49820 : IBM SECURITY GUARDIUM KEY LIFECYCLE MANAGER 4.1/4.1.1/4.2.0/4.2.1 CLEARTEXT TRANSMISSION

CVE-2024-49820 : IBM SECURITY GUARDIUM KEY LIFECYCLE MANAGER 4.1/4.1.1/4.2.0/4.2.1 CLEARTEXT TRANSMISSION

Description IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive

Learn more
CVE-2024-53144 : LINUX KERNEL UP TO 6.1.112/6.6.54/6.10.13/6.11.2 HCI_EVENT PRIVILEGE ESCALATION

CVE-2024-53144 : LINUX KERNEL UP TO 6.1.112/6.6.54/6.10.13/6.11.2 HCI_EVENT PRIVILEGE ESCALATION

Description In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This

Learn more