Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud nextcloud vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-41166
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. An issue in versions before 3.17.1 may lead to sensitive information disclosure. An unauthorized app that does not have the otherwise required `MANAGE_DOCUMENTS` permission may vie...
Nextcloud Nextcloud
4
CVSSv2
CVE-2019-15611
Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notifications.
Nextcloud Nextcloud
3.5
CVSSv2
CVE-2019-15614
Missing sanitization in the iOS App 2.24.4 causes an XSS when opening malicious HTML files.
Nextcloud Nextcloud
3.6
CVSSv2
CVE-2019-15615
A wrong check for the system time in the Android App 3.9.0 causes a bypass of the lock protection when changing the time of the system to the past.
Nextcloud Nextcloud
2.1
CVSSv2
CVE-2019-15622
Not strictly enough sanitization in the Nextcloud Android app 3.6.0 allowed an malicious user to get content information from protected tables when using custom queries.
Nextcloud Nextcloud
4
CVSSv2
CVE-2021-22896
Nextcloud Mail prior to 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users.
Nextcloud Nextcloud
4.3
CVSSv2
CVE-2021-22905
Nextcloud Android App (com.nextcloud.client) before v3.16.0 is vulnerable to information disclosure due to searches for sharees being performed by default on the lookup server instead of only using the local Nextcloud server unless a global search has been explicitly chosen by th...
Nextcloud Nextcloud
4.3
CVSSv2
CVE-2021-22912
Nextcloud iOS prior to 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a global search has been explicitly chosen by the user.
Nextcloud Nextcloud
5
CVSSv2
CVE-2021-43863
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. The Nextcloud Android app uses content providers to manage its data. Prior to version 3.18.1, the providers `FileContentProvider` and `DiskLruImageCacheFileProvider` have security ...
Nextcloud Nextcloud
4.6
CVSSv2
CVE-2019-5450
Improper sanitization of HTML in directory names in the Nextcloud Android app prior to version 3.7.0 allowed to style the directory name in the header bar when using basic HTML.
Nextcloud Nextcloud
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »