Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud vulnerabilities and exploits
(subscribe to this query)
2.4
CVSSv3
CVE-2022-24885
Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.1, users can bypass a lock on the Nextcloud app on an Android device by repeatedly reopening the app. Version 3.19.1 contains a fix for the problem. There are cur...
Nextcloud Nextcloud
2.4
CVSSv3
CVE-2019-15622
Not strictly enough sanitization in the Nextcloud Android app 3.6.0 allowed an malicious user to get content information from protected tables when using custom queries.
Nextcloud Nextcloud
3.8
CVSSv3
CVE-2022-24886
Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. In versions before 3.19.0, any application with notification permission can access contacts if Nextcloud has access to Contacts without applying for the Contacts permission itself. Ver...
Nextcloud Nextcloud
4.3
CVSSv3
CVE-2023-49790
The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform. Prior to version 4.9.2, the application can be used without providing the 4 digit PIN code. Nextcloud iOS Files app should be upgraded to 4.9.2 to receive the patch. N...
Nextcloud Nextcloud
3.3
CVSSv3
CVE-2021-32695
Nextcloud Android app is the Android client for Nextcloud. In versions before 3.16.1, a malicious app on the same device could have gotten access to the shared preferences of the Nextcloud Android application. This required user-interaction as a victim had to initiate the sharing...
Nextcloud Nextcloud
4.3
CVSSv3
CVE-2021-22896
Nextcloud Mail prior to 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users.
Nextcloud Nextcloud
6.5
CVSSv3
CVE-2021-22912
Nextcloud iOS prior to 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a global search has been explicitly chosen by the user.
Nextcloud Nextcloud
2.4
CVSSv3
CVE-2023-28646
Nextcloud android is an android app for interfacing with the nextcloud home server ecosystem. In versions from 3.7.0 and prior to 3.24.1 an attacker that has access to the unlocked physical device can bypass the Nextcloud Android Pin/passcode protection via a thirdparty app. This...
Nextcloud Nextcloud
5.5
CVSSv3
CVE-2022-39210
Nextcloud android is the official Android client for the Nextcloud home server platform. Internal paths to the Nextcloud Android app files are not properly protected. As a result access to internal files of the from within the Nextcloud Android app is possible. This may lead to a...
Nextcloud Nextcloud
4.9
CVSSv3
CVE-2019-15611
Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notifications.
Nextcloud Nextcloud
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »