Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud nextcloud server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-28644
Nextcloud server is an open source home cloud implementation. In releases of the 25.0.x branch prior to 25.0.3 an inefficient fetch operation may impact server performances and/or can lead to a denial of service. This issue has been addressed and it is recommended that the Nextcl...
Nextcloud Nextcloud Server
490
VMScore
CVE-2019-15617
A missing check in Nextcloud Server 17.0.0 allowed an malicious user to set up a new second factor when trying to login.
Nextcloud Nextcloud Server
NA
CVE-2023-28833
Nextcloud server is an open source home cloud implementation. In affected versions admins of a server were able to upload a logo or a favicon and to provided a file name which was not restricted and could overwrite files in the appdata directory. Administrators may have access to...
Nextcloud Nextcloud Server
NA
CVE-2023-28835
Nextcloud server is an open source home cloud implementation. In affected versions the generated fallback password when creating a share was using a weak complexity random number generator, so when the sharer did not change it the password could be guessable to an attacker willin...
Nextcloud Nextcloud Server
NA
CVE-2023-28844
Nextcloud server is an open source home cloud implementation. In affected versions users that should not be able to download a file can still download an older version and use that for uncontrolled distribution. This issue has been addressed in versions 24.0.10 and 25.0.4. Users ...
Nextcloud Nextcloud Server
188
VMScore
CVE-2020-8152
Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an malicious user to replace the public key to decrypt them later on.
Nextcloud Nextcloud Server
2 Github repositories
NA
CVE-2023-35172
NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10...
Nextcloud Nextcloud Server
445
VMScore
CVE-2021-32725
Nextcloud Server is a Nextcloud package that handles data storage. In versions before 19.0.13, 20.011, and 21.0.3, default share permissions were not being respected for federated reshares of files and folders. The issue was fixed in versions 19.0.13, 20.0.11, and 21.0.3. There a...
Nextcloud Nextcloud Server
668
VMScore
CVE-2021-32726
Nextcloud Server is a Nextcloud package that handles data storage. In versions before 19.0.13, 20.011, and 21.0.3, webauthn tokens were not deleted after a user has been deleted. If a victim reused an earlier used username, the previous user could gain access to their account. Th...
Nextcloud Nextcloud Server
356
VMScore
CVE-2018-3762
Nextcloud Server prior to 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it should not have access to.
Nextcloud Nextcloud Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »