Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud server vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-25159
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Office is a document collaboration app for the same platform. Nextcloud Server 24.0.x before 24.0.8 and 25.0.x before 25.0.1, Nextcloud Enterprise Server 24.0.x before 2...
Nextcloud Nextcloud Server 25.0.0
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 24.0.2
Nextcloud Richdocuments 7.0.0
Nextcloud Richdocuments
3.5
CVSSv3
CVE-2022-31014
Nextcloud server is an open source personal cloud server. Affected versions were found to be vulnerable to SMTP command injection. The impact varies based on which commands are supported by the backend SMTP server. However, the main risk here is that the attacker can then hijack ...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 24.0.0
5.3
CVSSv3
CVE-2023-25161
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server and Nextcloud Enterprise Server prior to versions 25.0.1 24.0.8, and 23.0.12 missing rate limiting on password reset functionality. This could result in service slowd...
Nextcloud Nextcloud Server 25.0.0
Nextcloud Nextcloud Server
6.5
CVSSv3
CVE-2022-24741
Nextcloud server is an open source, self hosted cloud style services platform. In affected versions an attacker can cause a denial of service by uploading specially crafted files which will cause the server to allocate too much memory / CPU. It is recommended that the Nextcloud S...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 23.0.0
5.7
CVSSv3
CVE-2017-0936
Nextcloud Server prior to 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User-Controlled Key vulnerability. A missing ownership check allowed logged-in users to change the scope of app passwords of other users. Note that the app passwords themselves where neither ...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 12.0.5
5.3
CVSSv3
CVE-2021-41239
Nextcloud server is a self hosted system designed to provide cloud style services. In affected versions the User Status API did not consider the user enumeration settings by the administrator. This allowed a user to enumerate other users on the instance, even when user listings w...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 22.2.0
4.3
CVSSv3
CVE-2021-41241
Nextcloud server is a self hosted system designed to provide cloud style services. The groupfolders application for Nextcloud allows sharing a folder with a group of people. In addition, it allows setting "advanced permissions" on subfolders, for example, a user could b...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 22.2.0
7.5
CVSSv3
CVE-2022-36074
Nextcloud server is an open source personal cloud product. Affected versions of this package are vulnerable to Information Exposure which fails to strip the Authorization header on HTTP downgrade. This can lead to account access exposure and compromise. It is recommended that the...
Nextcloud Nextcloud Enterprise Server
Nextcloud Nextcloud Server
7.5
CVSSv3
CVE-2023-25821
Nextcloud is an Open Source private cloud software. Versions 24.0.4 and above, before 24.0.7, and 25.0.0 and above, before 25.0.1, contain Improper Access Control. Secure view for internal shares can be circumvented if reshare permissions are also given. This issue is patched in ...
Nextcloud Nextcloud Server 25.0.0
Nextcloud Nextcloud Server
6.7
CVSSv3
CVE-2023-32318
Nextcloud server provides a home for data. A regression in the session handling between Nextcloud Server and the Nextcloud Text app prevented a correct destruction of the session on logout if cookies were not cleared manually. After successfully authenticating with any other acco...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 26.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »