Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud nextcloud 1.0.0 vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2023-39954
user_oidc provides the OIDC connect user backend for Nextcloud, an open-source cloud platform. Starting in version 1.0.0 and prior to version 1.3.3, an attacker that obtained at least read access to a snapshot of the database can impersonate the Nextcloud server towards linked se...
Nextcloud User Oidc
4.8
CVSSv3
CVE-2023-39953
user_oidc provides the OIDC connect user backend for Nextcloud, an open-source cloud platform. Starting in version 1.0.0 and prior to version 1.3.3, missing verification of the issuer would have allowed an malicious user to perform a man-in-the-middle attack returning corrupted o...
Nextcloud User Oidc
5.4
CVSSv3
CVE-2023-28848
user_oidc is the OIDC connect user backend for Nextcloud, an open source collaboration platform. A vulnerability in versions 1.0.0 until 1.3.0 effectively allowed an malicious user to bypass the state protection as they could just copy the expected state token from the first requ...
Nextcloud User Oidc
4.1
CVSSv3
CVE-2020-8179
Improper access control in Nextcloud Deck 1.0.0 allowed an malicious user to inject tasks into other users decks.
Nextcloud Deck
9.8
CVSSv3
CVE-2019-5454
SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account.
Nextcloud Nextcloud 1.0.0
Nextcloud Nextcloud 1.0.1
Nextcloud Nextcloud 1.1.0
Nextcloud Nextcloud 1.2.0
Nextcloud Nextcloud 1.3.0
Nextcloud Nextcloud 1.3.1
Nextcloud Nextcloud 1.4.0
Nextcloud Nextcloud 1.4.1
Nextcloud Nextcloud 1.4.2
Nextcloud Nextcloud 1.4.3
Nextcloud Nextcloud 2.0.0
Nextcloud Nextcloud 2.0.1
Nextcloud Nextcloud 3.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started