Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud nextcloud server vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2016-9464
Nextcloud Server prior to 9.0.54 and 10.0.0 suffers from an improper authorization check on removing shares. The Sharing Backend as implemented in Nextcloud does differentiate between shares to users and groups. In case of a received group share, users should be able to unshare t...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 10.0
320
VMScore
CVE-2018-16463
A bug causing session fixation in Nextcloud Server before 14.0.0, 13.0.3 and 12.0.8 could potentially allow an malicious user to obtain access to password protected shares.
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 14.0.0
490
VMScore
CVE-2018-16466
Improper revalidation of permissions in Nextcloud Server before 14.0.0, 13.0.6 and 12.0.11 lead to not accepting access restrictions by acess tokens.
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 14.0.0
445
VMScore
CVE-2021-41239
Nextcloud server is a self hosted system designed to provide cloud style services. In affected versions the User Status API did not consider the user enumeration settings by the administrator. This allowed a user to enumerate other users on the instance, even when user listings w...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 22.2.0
356
VMScore
CVE-2021-41241
Nextcloud server is a self hosted system designed to provide cloud style services. The groupfolders application for Nextcloud allows sharing a folder with a group of people. In addition, it allows setting "advanced permissions" on subfolders, for example, a user could b...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 22.2.0
490
VMScore
CVE-2017-0883
Nextcloud Server prior to 9.0.55 and 10.0.2 suffers from a permission increase on re-sharing via OCS API issue. A permission related issue within the OCS sharing API allowed an authenticated adversary to reshare shared files with an increasing permission set. This may allow an ma...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 10.0.2
436
VMScore
CVE-2017-0936
Nextcloud Server prior to 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User-Controlled Key vulnerability. A missing ownership check allowed logged-in users to change the scope of app passwords of other users. Note that the app passwords themselves where neither ...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 12.0.5
383
VMScore
CVE-2017-0888
Nextcloud Server prior to 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the "files" app. The top navigation bar displayed in the files list contained partially user-controllable input leading to a potential misrepresentation of information.
Nextcloud Nextcloud
Nextcloud Nextcloud Server 10.0.2
312
VMScore
CVE-2019-15619
Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud Deck 0.6.5 causes an XSS when linking them with each others in a project.
Nextcloud Deck
Nextcloud Nextcloud Server
Nextcloud Talk
NA
CVE-2023-30539
Nextcloud is a personal home server system. Depending on the set up tags and other workflows this issue can be used to limit access of others or being able to grant them access when there are system tag based files access control or files retention rules. It is recommended that t...
Nextcloud Nextcloud Files Automated Tagging 1.12.0
Nextcloud Nextcloud Files Automated Tagging 1.13.0
Nextcloud Nextcloud Files Automated Tagging
Nextcloud Nextcloud Files Automated Tagging 1.16.0
Nextcloud Nextcloud Files Automated Tagging 1.11.0
Nextcloud Nextcloud Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »