Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud nextcloud server vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-26482
Nextcloud server is an open source home cloud implementation. In affected versions a missing scope validation allowed users to create workflows which are designed to be only available for administrators. Some workflows are designed to be RCE by invoking defined scripts, in order ...
Nextcloud Nextcloud Server
5.3
CVSSv3
CVE-2021-32734
Nextcloud Server is a Nextcloud package that handles data storage. In versions before 19.0.13, 20.011, and 21.0.3, the Nextcloud Text application shipped with Nextcloud Server returned verbatim exception messages to the user. This could result in a full path disclosure on shared ...
Nextcloud Nextcloud Server
9.8
CVSSv3
CVE-2021-32802
Nextcloud server is an open source, self hosted personal cloud. Nextcloud supports rendering image previews for user provided file content. For some image types, the Nextcloud server was invoking a third-party library that wasn't suited for untrusted user-supplied content. T...
Nextcloud Nextcloud Server
8.8
CVSSv3
CVE-2023-28643
Nextcloud server is an open source home cloud implementation. In affected versions when a recipient receives 2 shares with the same name, while a memory cache is configured, the second share will replace the first one instead of being renamed to `{name} (2)`. It is recommended th...
Nextcloud Nextcloud Server
7.5
CVSSv3
CVE-2023-28644
Nextcloud server is an open source home cloud implementation. In releases of the 25.0.x branch prior to 25.0.3 an inefficient fetch operation may impact server performances and/or can lead to a denial of service. This issue has been addressed and it is recommended that the Nextcl...
Nextcloud Nextcloud Server
8.8
CVSSv3
CVE-2023-28833
Nextcloud server is an open source home cloud implementation. In affected versions admins of a server were able to upload a logo or a favicon and to provided a file name which was not restricted and could overwrite files in the appdata directory. Administrators may have access to...
Nextcloud Nextcloud Server
4.3
CVSSv3
CVE-2023-28834
Nextcloud Server is an open source personal cloud server. Nextcloud Server 24.0.0 until 24.0.6 and 25.0.0 until 25.0.4, as well as Nextcloud Enterprise Server 23.0.0 until 23.0.11, 24.0.0 until 24.0.6, and 25.0.0 until 25.0.4, have an information disclosure vulnerability. A user ...
Nextcloud Nextcloud Server
7.5
CVSSv3
CVE-2023-28835
Nextcloud server is an open source home cloud implementation. In affected versions the generated fallback password when creating a share was using a weak complexity random number generator, so when the sharer did not change it the password could be guessable to an attacker willin...
Nextcloud Nextcloud Server
6.5
CVSSv3
CVE-2023-28844
Nextcloud server is an open source home cloud implementation. In affected versions users that should not be able to download a file can still download an older version and use that for uncontrolled distribution. This issue has been addressed in versions 24.0.10 and 25.0.4. Users ...
Nextcloud Nextcloud Server
7.5
CVSSv3
CVE-2023-28847
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. In Nextcloud Server 24.0.0 before 24.0.11 and 25.0.0 before 25.0.5; as well as Nextcloud Server Enterprise 23.0.0 before 23.0.12.6, 24.0.0 before 24.0.11, and 25.0.0 before 25.0.5; an...
Nextcloud Nextcloud Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »