Proactive Insights and Support For Open-Source Applications
  • Applications
  • Platform
  • Support
  • Resources
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
Get Started
Book a demo
  • Applications
  • Platform
  • Support
  • Resources
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
  • Home
  • Knowledge Base
  • Newsflash
  • Infrastructure and Network
  • Storage

Storage

All OSSpediaArticlesHow ToNewsflashCase Studies
Don't Miss out!
Join our newsletter for exclusive updates on open source innovations.

    Selected category
    • Communication
      • Communication
    • Communication and Collaboration
      • Communication
    • Specialized Software
      • Educational
      • Graphic Design
    • Business and Enterprise Solutions
      • Productivity
      • Supply Chain Management (SCM)
      • CRM
      • E-commerce
      • CMS
      • Marketing Automation
      • ERP
    • Project and Agile Management
      • Project Management
      • IT Business Management
    • Infrastructure and Network
      • Networking
      • Storage
      • Security
    • DevOps
      • Mobile App Development
      • Backup and Recovery
      • Data Analytics
      • Web Development
      • Developer Stacks
      • Cloud Computing
      • Monitoring
      • Application Development
      • Developer Tools
    • Data Management and Analytics
      • Communication
      • Application Development
      • Analytics
      • Machine Learning
      • Database
      • Data Analytics
    3 Mar 2025 Infrastructure and Network
    MinIO: Authentication Bypass in SFTP Connections Allows Unauthorized Data Access

    In MinIO versions starting in RELEASE.2024-06-06T09-36-42Z and prior to
    RELEASE.2025-02-28T09-55-16Z a medium severity vulnerability CVE-2025-27414 was detected. This vulnerability allows attackers to bypass authentication and gain unauthorized data access by exploiting a bug in evaluating the trust of the SSH key used in an SFTP connection. To address this issue, users should upgrade MinIO to version RELEASE.2025-02-28T09-55-16Z. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-27414.

    Read more
    Storage
    9 Jan 2025 Infrastructure and Network
    Nextcloud: Vulnerability in Group Sharing Configuration

    In Nextcloud Server and Enterprise Server versions from 22.0.0 to 24.0.6 a medium severity vulnerability was detected. This vulnerability allows shared items to remain accessible to users after they are removed from a group, even when the server is configured to restrict sharing within groups. To address this issue, users should upgrade to Nextcloud Server versions 22.2.11, 23.0.11, or 24.0.6, and Nextcloud Enterprise Server versions 22.2.11, 23.0.11, or 24.0.6. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-52516.

    Read more
    Storage
    8 Jan 2025 Infrastructure and Network
    Nextcloud: Vulnerability Exposes Global Credentials

    In Nextcloud Server and Enterprise Server versions from 25.0.0 to 30.0.1 a medium severity vulnerability CVE-2024-52517 was detected. This vulnerability allows attackers with access to an active user session to read global credentials in plain text. To address this issue, users should upgrade to Nextcloud Server versions 28.0.11, 29.0.8, or 30.0.1 and Nextcloud Enterprise Server versions 25.0.13.13, 26.0.13.9, 27.1.11.9, 28.0.11, 29.0.8, or 30.0.1. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-52517.

    Read more
    Storage
    18 Dec 2024 Infrastructure and Network
    MinIO: Critical Privilege Escalation Vulnerability

    In MinIO versions from RELEASE.2022-06-25T15-50-16Z to RELEASE.2024-12-13T22-19-12Z a critical severity vulnerability CVE-2024-55949 was found. This vulnerability allows attackers to gain higher privileges. To address this issue, users are advised to upgrade to MinIO version RELEASE.2024-12-13T22-19-12Z or later. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-55949.

    Read more
    Storage
    23 Sep 2024 Infrastructure and Network
    Nextcloud: Critical Vulnerability Makes Synchronized Files World Writable or Readable

    In Nextcloud Desktop Client versions 3.13.1 through 3.13.3 on Linux a critical severity vulnerability CVE-2024-46958 was detected. This vulnerability allows synchronized files between the server and client to become world writable or world readable. To address this issue, updating to version 3.13.4 is recommended. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-46958.

    Read more
    Storage
    19 Aug 2024 Infrastructure and Network
    Nextcloud: Photo Removal Vulnerability

    In Nextcloud Server versions 25.0.0 to 25.0.6 and 26.0.0 to 26.0.1 a low severity vulnerability CVE-2024-37314 was detected in the Nextcloud Photos app. This vulnerability allows users to remove photos from the albums of registered users. To address this issue, it is recommended to upgrade to Nextcloud Server version 25.0.7 or 26.0.2 and Nextcloud Enterprise Server version 25.0.7 or 26.0.2. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-37314.

    Read more
    Storage
    12 Aug 2024 Infrastructure and Network
    Nextcloud: Recurrence Exceptions Exposure

    In Nextcloud Server versions 27.1.9 and earlier a low severity vulnerability CVE-2024-37887 was detected. This vulnerability allows attackers to read private shared calendar events’ recurrence exceptions. To address this issue, it is recommended to upgrade to Nextcloud Server version 27.1.10, 28.0.6, or 29.0.1, and Nextcloud Enterprise Server to version 27.1.10, 28.0.6, or 29.0.1. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-37887.

    Read more
    Storage
    12 Aug 2024 Infrastructure and Network
    Nextcloud: File Deletion Vulnerability in Shared Files

    In Nextcloud Server versions prior to 26.0.12, 27.1.7 and 28.0.3 a medium severity vulnerability CVE-2024-37884 was detected. This vulnerability allows malicious users to delete old versions of files they only have read permissions for. To address this issue, it is recommended to upgrade Nextcloud Server to version 26.0.12, 27.1.7, or 28.0.3, and Nextcloud Enterprise Server to the same versions. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-37884.

    Read more
    Storage
    12 Aug 2024 Infrastructure and Network
    Nextcloud: Exploit Allows Unauthorized Document Version Restoration

    In Nextcloud Server versions prior to 26.0.12, 27.1.7 and 28.0.3 a medium severity vulnerability CVE-2024-37315 was detected. This vulnerability allows attackers with read-only access to restore older versions of a document if the files_versions app is enabled. To address this issue, it is recommended to upgrade to Nextcloud Server version to 26.0.12, 27.1.7 or 28.0.3 and the Nextcloud Enterprise Server versions to 23.0.12.16, 24.0.12.12, 25.0.13.6, 26.0.12, 27.1.7 or 28.0.3 For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-37315.

    Read more
    Storage
    Proactive Insights and Support For Open-Source Applications
    Contact us: Whatsapp
    Company
    • About Hossted
    • Data Processing Addendum
    Solutions
    • Applications
    • Support Plans
    • About Solution
    Resources
    • FAQ
    • Knowledge Base
    © HOSSTED 2025 All rights reserved
    • Privacy Policy
    • Terms and Conditions
    • Cookies Policy