Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud nextcloud server vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2021-41241
Nextcloud server is a self hosted system designed to provide cloud style services. The groupfolders application for Nextcloud allows sharing a folder with a group of people. In addition, it allows setting "advanced permissions" on subfolders, for example, a user could b...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 22.2.0
3.5
CVSSv3
CVE-2022-31014
Nextcloud server is an open source personal cloud server. Affected versions were found to be vulnerable to SMTP command injection. The impact varies based on which commands are supported by the backend SMTP server. However, the main risk here is that the attacker can then hijack ...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 24.0.0
6.7
CVSSv3
CVE-2023-32318
Nextcloud server provides a home for data. A regression in the session handling between Nextcloud Server and the Nextcloud Text app prevented a correct destruction of the session on logout if cookies were not cleared manually. After successfully authenticating with any other acco...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 26.0.0
5.3
CVSSv3
CVE-2021-41239
Nextcloud server is a self hosted system designed to provide cloud style services. In affected versions the User Status API did not consider the user enumeration settings by the administrator. This allowed a user to enumerate other users on the instance, even when user listings w...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 22.2.0
4.3
CVSSv3
CVE-2022-39330
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server prior to versions 23.0.10 and 24.0.6 and Nextcloud Enterprise Server prior to versions 22.2.10, 23.0.10, and 24.0.6 are vulnerable to a logged-in attacker slowing dow...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Enterprise Server
4.3
CVSSv3
CVE-2016-9464
Nextcloud Server prior to 9.0.54 and 10.0.0 suffers from an improper authorization check on removing shares. The Sharing Backend as implemented in Nextcloud does differentiate between shares to users and groups. In case of a received group share, users should be able to unshare t...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 10.0
5.3
CVSSv3
CVE-2022-41970
Nextcloud Server is an open source personal cloud server. Prior to versions 24.0.7 and 25.0.1, disabled download shares still allow download through preview images. Images could be downloaded and previews of documents (first page) can be downloaded without being watermarked. Vers...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 25.0.0
4.3
CVSSv3
CVE-2017-0888
Nextcloud Server prior to 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the "files" app. The top navigation bar displayed in the files list contained partially user-controllable input leading to a potential misrepresentation of information.
Nextcloud Nextcloud
Nextcloud Nextcloud Server 10.0.2
4.8
CVSSv3
CVE-2019-15619
Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud Deck 0.6.5 causes an XSS when linking them with each others in a project.
Nextcloud Deck
Nextcloud Nextcloud Server
Nextcloud Talk
8.8
CVSSv3
CVE-2023-30539
Nextcloud is a personal home server system. Depending on the set up tags and other workflows this issue can be used to limit access of others or being able to grant them access when there are system tag based files access control or files retention rules. It is recommended that t...
Nextcloud Nextcloud Files Automated Tagging 1.12.0
Nextcloud Nextcloud Files Automated Tagging 1.13.0
Nextcloud Nextcloud Files Automated Tagging
Nextcloud Nextcloud Files Automated Tagging 1.16.0
Nextcloud Nextcloud Files Automated Tagging 1.11.0
Nextcloud Nextcloud Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
malicious code
camera
CVE-2023-46694
CVE-2023-43847
CVE-2023-30311
CVE-2024-27842
CVE-2024-30165
arbitrary code
CVE-2024-21683
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »