Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud server vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-25159
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Office is a document collaboration app for the same platform. Nextcloud Server 24.0.x before 24.0.8 and 25.0.x before 25.0.1, Nextcloud Enterprise Server 24.0.x before 2...
Nextcloud Nextcloud Server 25.0.0
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 24.0.2
Nextcloud Richdocuments 7.0.0
Nextcloud Richdocuments
6.5
CVSSv3
CVE-2022-39364
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. In Nextcloud Server prior to versions 23.0.9 and 24.0.5 and Nextcloud Enterprise Server prior to versions 22.2.10.5, 23.0.9, and 24.0.5 an attacker reading `nextcloud.log` may gain kn...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Enterprise Server
3.1
CVSSv3
CVE-2018-16463
A bug causing session fixation in Nextcloud Server before 14.0.0, 13.0.3 and 12.0.8 could potentially allow an malicious user to obtain access to password protected shares.
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 14.0.0
8.1
CVSSv3
CVE-2018-16466
Improper revalidation of permissions in Nextcloud Server before 14.0.0, 13.0.6 and 12.0.11 lead to not accepting access restrictions by acess tokens.
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 14.0.0
5.7
CVSSv3
CVE-2017-0936
Nextcloud Server prior to 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User-Controlled Key vulnerability. A missing ownership check allowed logged-in users to change the scope of app passwords of other users. Note that the app passwords themselves where neither ...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 12.0.5
4.3
CVSSv3
CVE-2023-45148
Nextcloud is an open source home cloud server. When Memcached is used as `memcache.distributed` the rate limiting in Nextcloud Server could be reset unexpectedly resetting the rate count earlier than intended. Users are advised to upgrade to versions 25.0.11, 26.0.6 or 27.1.0. Us...
Nextcloud Nextcloud Server 27.0.0
Nextcloud Nextcloud Server
8.8
CVSSv3
CVE-2023-45151
Nextcloud server is an open source home cloud platform. Affected versions of Nextcloud stored OAuth2 tokens in plaintext which allows an attacker who has gained access to the server to potentially elevate their privilege. This issue has been addressed and users are recommended to...
Nextcloud Nextcloud Server 27.0.0
Nextcloud Nextcloud Server
5.3
CVSSv3
CVE-2021-41239
Nextcloud server is a self hosted system designed to provide cloud style services. In affected versions the User Status API did not consider the user enumeration settings by the administrator. This allowed a user to enumerate other users on the instance, even when user listings w...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 22.2.0
4.3
CVSSv3
CVE-2021-41241
Nextcloud server is a self hosted system designed to provide cloud style services. The groupfolders application for Nextcloud allows sharing a folder with a group of people. In addition, it allows setting "advanced permissions" on subfolders, for example, a user could b...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 22.2.0
6.5
CVSSv3
CVE-2022-24741
Nextcloud server is an open source, self hosted cloud style services platform. In affected versions an attacker can cause a denial of service by uploading specially crafted files which will cause the server to allocate too much memory / CPU. It is recommended that the Nextcloud S...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 23.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »