Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud nextcloud server vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2023-35927
NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10...
Nextcloud Nextcloud Server
4.4
CVSSv3
CVE-2020-8152
Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an malicious user to replace the public key to decrypt them later on.
Nextcloud Nextcloud Server
2 Github repositories
5.4
CVSSv3
CVE-2020-8155
An outdated 3rd party library in the Files PDF viewer for Nextcloud Server 18.0.2 caused a Cross-site scripting vulnerability when opening a malicious PDF.
Nextcloud Nextcloud Server
7.5
CVSSv3
CVE-2020-8183
A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given on the initial create API call.
Nextcloud Nextcloud Server
5.7
CVSSv3
CVE-2018-16464
A missing access check in Nextcloud Server before 14.0.0 could lead to continued access to password protected link shares when the owner had changed the password.
Nextcloud Nextcloud Server
5.3
CVSSv3
CVE-2018-16467
A missing check in Nextcloud Server before 14.0.0 could give unauthorized access to the previews of single file password protected shares.
Nextcloud Nextcloud Server
8.1
CVSSv3
CVE-2023-25817
Nextcloud server is an open source, personal cloud implementation. In versions from 24.0.0 and prior to 24.0.9 a user could escalate their permissions to delete files they were not supposed to deletable but only viewed or downloaded. This issue has been addressed andit is recomme...
Nextcloud Nextcloud Server
9.8
CVSSv3
CVE-2023-48306
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and starting in version 22.0.0 and prior to versions 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 2...
Nextcloud Nextcloud Server
8.1
CVSSv3
CVE-2018-3761
Nextcloud Server prior to 12.0.8 and 13.0.3 suffer from improper authentication on the OAuth2 token endpoint. Missing checks potentially allowed handing out new tokens in case the OAuth2 client was partly compromised.
Nextcloud Nextcloud Server
5.3
CVSSv3
CVE-2018-3776
Improper input validator in Nextcloud Server before 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.
Nextcloud Nextcloud Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
open redirect
CVE-2024-3946
LFI
CVE-2024-25977
CVE-2024-36368
CVE-2024-23109
CVE-2024-23580
CVE-2024-23108
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »