Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud nextcloud server vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-22912
Nextcloud iOS prior to 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a global search has been explicitly chosen by the user.
Nextcloud Nextcloud
4.3
CVSSv2
CVE-2021-22913
Nextcloud Deck prior to 1.2.7, 1.4.1 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only the local Nextcloud server unless a global search has been explicitly chosen by the user.
Nextcloud Deck
4.3
CVSSv2
CVE-2020-8120
A reflected Cross-Site Scripting vulnerability in Nextcloud Server 16.0.1 exists in the svg generation.
Nextcloud Nextcloud Server 16.0.1
4.3
CVSSv2
CVE-2018-16465
Missing state in Nextcloud Server before 14.0.0 would not enforce the use of a second factor at login if the the provider of the second factor failed to load.
Nextcloud Nextcloud Server
4.3
CVSSv2
CVE-2017-0892
Nextcloud Server prior to 11.0.3 is vulnerable to an improper session handling allowed an application specific password without permission to the files access to the users file.
Nextcloud Nextcloud Server
4.3
CVSSv2
CVE-2017-0894
Nextcloud Server prior to 11.0.3 is vulnerable to disclosure of valid share tokens for public calendars due to a logical error. Thus granting an attacker potentially access to publicly shared calendars without knowing the share token.
Nextcloud Nextcloud Server
4.3
CVSSv2
CVE-2017-0888
Nextcloud Server prior to 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the "files" app. The top navigation bar displayed in the files list contained partially user-controllable input leading to a potential misrepresentation of information.
Nextcloud Nextcloud
Nextcloud Nextcloud Server 10.0.2
4.3
CVSSv2
CVE-2016-9459
Nextcloud Server prior to 9.0.52 & ownCloud Server prior to 9.0.4 are vulnerable to a log pollution vulnerability potentially leading to a local XSS. The download log functionality in the admin screen is delivering the log in JSON format to the end-user. The file was delivere...
Nextcloud Nextcloud Server
Owncloud Owncloud
4.3
CVSSv2
CVE-2016-9466
Nextcloud Server prior to 10.0.1 & ownCloud Server prior to 9.0.6 and 9.1.2 suffer from Reflected XSS in the Gallery application. The gallery app was not properly sanitizing exception messages from the Nextcloud/ownCloud server. Due to an endpoint where an attacker could infl...
Owncloud Owncloud
Nextcloud Nextcloud Server
4
CVSSv2
CVE-2022-31131
Nextcloud mail is a Mail app for the Nextcloud home server product. Versions of Nextcloud mail before 1.12.2 were found to be missing user account ownership checks when performing tasks related to mail attachments. Attachments may have been exposed to incorrect system users. It i...
Nextcloud Nextcloud Mail
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »