Kichernde_Erbse

**Name of the Vulnerable Software and Affected Versions** Nextcloud Server versions prior to 23.0.9 and 24.0.5 Nextcloud Enterprise Server versions prior to 22.2.10.5, 23.0.9, and 24.0.5 **Description** The issue affects Nextcloud Server, a file server software for the self-hosted productivity platform Nextcloud. An attacker reading `nextcloud.log` may gain knowledge of credentials to connect to a SharePoint service. **Recommendations** For Nextcloud Server versions prior to 23.0.9, update to version 23.0.9 or later. For Nextcloud Server versions prior to 24.0.5, update to version 24.0.5 or later. For Nextcloud Enterprise Server versions prior to 22.2.10.5, update to version 22.2.10.5 or later. For Nextcloud Enterprise Server versions prior to 23.0.9, update to version 23.0.9 or later. For Nextcloud Enterprise Server versions prior to 24.0.5, update to version 24.0.5 or later. As a temporary workaround for all affected versions, set `zend.exception ignore args = On` as an option in `php.ini`.

**Name of the Vulnerable Software and Affected Versions** Interactive Graphical SCADA System Data Server versions V15.0.0.22020 and prior **Description** The issue is related to an out-of-bounds read, which could cause memory leaks and potentially result in denial of service. This can happen when an attacker repeatedly sends a specially crafted message. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. **Recommendations** For versions V15.0.0.22020 and prior, consider restricting access to the system until a patch is available. As a temporary workaround, avoid using the system with untrusted input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.