Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud nextcloud server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-25159
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Office is a document collaboration app for the same platform. Nextcloud Server 24.0.x before 24.0.8 and 25.0.x before 25.0.1, Nextcloud Enterprise Server 24.0.x before 2...
Nextcloud Nextcloud Server 25.0.0
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 24.0.2
Nextcloud Richdocuments 7.0.0
Nextcloud Richdocuments
5
CVSSv2
CVE-2021-41239
Nextcloud server is a self hosted system designed to provide cloud style services. In affected versions the User Status API did not consider the user enumeration settings by the administrator. This allowed a user to enumerate other users on the instance, even when user listings w...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 22.2.0
NA
CVE-2022-36074
Nextcloud server is an open source personal cloud product. Affected versions of this package are vulnerable to Information Exposure which fails to strip the Authorization header on HTTP downgrade. This can lead to account access exposure and compromise. It is recommended that the...
Nextcloud Nextcloud Enterprise Server
Nextcloud Nextcloud Server
NA
CVE-2022-39330
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server prior to versions 23.0.10 and 24.0.6 and Nextcloud Enterprise Server prior to versions 22.2.10, 23.0.10, and 24.0.6 are vulnerable to a logged-in attacker slowing dow...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Enterprise Server
NA
CVE-2023-45148
Nextcloud is an open source home cloud server. When Memcached is used as `memcache.distributed` the rate limiting in Nextcloud Server could be reset unexpectedly resetting the rate count earlier than intended. Users are advised to upgrade to versions 25.0.11, 26.0.6 or 27.1.0. Us...
Nextcloud Nextcloud Server 27.0.0
Nextcloud Nextcloud Server
NA
CVE-2023-45151
Nextcloud server is an open source home cloud platform. Affected versions of Nextcloud stored OAuth2 tokens in plaintext which allows an attacker who has gained access to the server to potentially elevate their privilege. This issue has been addressed and users are recommended to...
Nextcloud Nextcloud Server 27.0.0
Nextcloud Nextcloud Server
4.3
CVSSv2
CVE-2022-24741
Nextcloud server is an open source, self hosted cloud style services platform. In affected versions an attacker can cause a denial of service by uploading specially crafted files which will cause the server to allocate too much memory / CPU. It is recommended that the Nextcloud S...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 23.0.0
4
CVSSv2
CVE-2016-9464
Nextcloud Server prior to 9.0.54 and 10.0.0 suffers from an improper authorization check on removing shares. The Sharing Backend as implemented in Nextcloud does differentiate between shares to users and groups. In case of a received group share, users should be able to unshare t...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 10.0
NA
CVE-2022-39329
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server and Nextcloud Enterprise Server prior to versions 23.0.9 and 24.0.5 are vulnerable to exposure of information that cannot be controlled by administrators without dire...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Enterprise Server
NA
CVE-2022-39364
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. In Nextcloud Server prior to versions 23.0.9 and 24.0.5 and Nextcloud Enterprise Server prior to versions 22.2.10.5, 23.0.9, and 24.0.5 an attacker reading `nextcloud.log` may gain kn...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Enterprise Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »