Mandriva Linux Security Advisory 2014-140 - Owncloud versions 5.0.17 and 6.0.4 fix an unspecified security vulnerability, as well as many other bugs.
367ab066b22696b50ca46161ca38e28db8f30f3ee2f7ccdcce8b90c7d3e63a18OwnCloud version 8.1.8 suffers from a username disclosure vulnerability.
0307de97c325435adcb9198b8abdd9f7094e634c0324db4c86daa7772020153aownCloud version 10.3.0 Stable suffers from a cross site request forgery vulnerability.
c22b2a37ba5d1cb6b5858d7411c84b3b052ad0aa8deb6f83ddf846ab7d9d2e99ownCloud version 0.1.2 suffers from a user impersonation authorization bypass vulnerability.
29b952619c8992a8a4ce5753eaedfa7b6eaafa33618c92674d49b3731375dc42ownCloud version 3.7.3 for iOS suffers from a cross site scripting vulnerability.
60a743c516f85803a1928a7f4848da9eaf304718636f0a2239685f689d400f9cOwnCloud Server versions 8.1 through 10.0 suffer from a user enumeration vulnerability.
f37e67829e665a898bf68c2848f71f8bc90ffbb5b72d6424387b5e59ac1e5c43NextCloud and OwnCloud suffer from a cross site scripting vulnerability in their error pages. OwnCloud versions 9.1.5 and below are affected. NextCloud versions prior to 11.0.3, 10.0.5, and 9.0.58 are affected.
65879de6c3bc16a06a84fa76fc56c4fec014ee26d19bb377b0cde628a8e097a2ownCloud version 10.0.1 appears to be missing multiple patches for cross site scripting and more.
e3c48c0271c0c89ae80ecf8f0d0ab034e903539703cefb633858b163ea696d4bownCloud's desktop client versions up to 2.2.2 suffer from a local privilege escalation vulnerability.
b2623943c1aa93651044b4c1a58687459e6c32e5ec23cc3c6403bce318ee3b99ownCloud versions 8.2.1 and below, 8.1.4 and below, and 8.0.9 and below suffer from an information exposure vulnerability via directory listings.
2a03e49b47f5b92a36e0f7c8b25d095b6e9255abca3e8fe34b1f15409b04a89cDebian Linux Security Advisory 3373-1 - Multiple vulnerabilities were discovered in ownCloud, a cloud storage web service for files, music, contacts, calendars and many more. These flaws may lead to the execution of arbitrary code, authorization bypass, information disclosure, cross-site scripting or denial of service.
1bc9f55ce18ea43fc980ec3cf5109f1173d1f737ff38d3de1551ddf14db90a50Debian Linux Security Advisory 3363-1 - Johannes Kliemann discovered a vulnerability in ownCloud Desktop Client, the client-side of the ownCloud file sharing services. The vulnerability allows man-in-the-middle attacks in situations where the server is using self-signed certificates and the connection is already established. If the user in the client side manually distrusts the new certificate, the file syncing will continue using the malicious server as valid.
838ab02bce7d5df058027fde7a8be27958a12c190fa0eaa403db96dd7e837939Debian Linux Security Advisory 3244-1 - Multiple vulnerabilities were discovered in ownCloud, a cloud storage web service for files, music, contacts, calendars and many more.
c48f4da91c626adbdf463cc9a563ebb5fb15d2e0f65687670230eb17c7d9d7caMandriva Linux Security Advisory 2015-191 - Multiple vulnerabilities has been discovered and corrected in owncloud. The updated packages have been upgraded to the 7.0.5 version where these security flaws has been fixed.
f8a5e1a519b807d253347846f6363fdb094ab379701f13b264d2eead2d04dfb8Mandriva Linux Security Advisory 2015-190 - Multiple vulnerabilities have been discovered and corrected in owncloud. The updated packages have been upgraded to the 5.0.19 version where these security flaws has been fixed.
6fd377dd29bbd30e66c0b3e1c809d20c1adae98eff802df38dd47ec10d0d5bf9In consequence of an insufficient threat model, ownCloud is storing all user's private RSA keys in clear text in PHP session files. These unencrypted private keys can be accessed by every web application that has the privilege of the web server user. The affected files exposing cryptographic keys will be stored in the PHP session directory for a number of hours until they are removed. All versions of ownCloud since the introduction of the encryption module in version 5.0.7 including version 7.0.0 are affected.
a618a09a68105380a438f404228d67b0045ecb744d155c0bdce6d9697cc0177dMandriva Linux Security Advisory 2014-101 - Owncloud versions 5.0.16 and 6.0.3 fix several unspecified security vulnerabilities, as well as many other bugs.
bdf9b2bd496204828ef8370a8b35d1424c6743cfd4e0f4cdb1f5eaa2978d08cbMandriva Linux Security Advisory 2014-055 - Owncloud versions 5.0.15 and 6.0.2 fix several unspecified security vulnerabilities, as well as many other bugs. See the upstream Changelog for more information.
a9374eda146b1f80a69f3b2e5eb37ffa6b8eccdab53a92eeeb22ce221025494bownCloud versions 4.0.x and 4.5.x suffer from a remote code execution vulnerability.
c65453c7d509deaa48610d2f613f6869f087ed9c465830cd85a1506f6c8ea17cownCloud version 6.0.0a suffers from file deletion, cross site request forgery, and cross site scripting vulnerabilities. It has also been reported that the same cross site scripting issue also affects Pydio version 5.20.
0fb9c931db1a45e7410c265273eefb3fe38de107452c5df50cfa8b1d1f8f8615Mandriva Linux Security Advisory 2013-289 - Possible security bypass on admin page under certain circumstances and MariaDB. The owncloud package has been updated to version 5.0.13, fixing this and many other issues.
2be9f28fc7baf97fcf0451a03c839ede1e68d3aff1131963db3c1c04ac9ef0e3Mandriva Linux Security Advisory 2013-206 - Updated owncloud package fixes security vulnerabilities. This update provides OwnCloud 5.0.9, which fixes these issues, as well as several other bugs.
3eb51aeedb33cebb10b94645c0e7b11c107847b8624dab381d23858d411d4ad3Mandriva Linux Security Advisory 2013-175 - Cross-site scripting vulnerabilities in js/viewer.js inside the files_videoviewer application via multiple unspecified vectors in all ownCloud versions prior to 5.0.7 and 4.5.12 allows authenticated remote attackers to inject arbitrary web script or HTML via shared files. Cross-site scripting vulnerabilities in core/js/oc-dialogs.js via multiple unspecified vectors in all ownCloud versions prior to 5.0.7 and other versions before 4.0.16 allows authenticated remote attackers to inject arbitrary web script or HTML via shared files. This advisory provides the latest versions of owncloud which is not vulnerable to these issues.
16f100b70ba225304cca8fb72249be12ecd48ace8433b1c00a0c74d79b895e96Secunia Security Advisory - Multiple vulnerabilities have been reported in ownCloud, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.
5119c1655c6de8d45fb7fbf5310276f66a8eedd7928b069fa5c4b6cc1920857dSecunia Security Advisory - A security issue and a vulnerability has been reported in ownCloud, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.
aea82d5bddcdce50365aacf9018fd929d68065c0a329d9b74771c5dca3f27f54Secunia Security Advisory - Multiple vulnerabilities have been reported in ownCloud, which can be exploited by malicious users to compromise a vulnerable system and malicious people to conduct cross-site scripting attacks.
655323da297fad91d86be44b3010444378f5566580fcc956ade594e2cd5a32a2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed