Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud vulnerabilities and exploits
(subscribe to this query)
3.8
CVSSv3
CVE-2022-24886
Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. In versions before 3.19.0, any application with notification permission can access contacts if Nextcloud has access to Contacts without applying for the Contacts permission itself. Ver...
Nextcloud Nextcloud
2.4
CVSSv3
CVE-2023-28646
Nextcloud android is an android app for interfacing with the nextcloud home server ecosystem. In versions from 3.7.0 and prior to 3.24.1 an attacker that has access to the unlocked physical device can bypass the Nextcloud Android Pin/passcode protection via a thirdparty app. This...
Nextcloud Nextcloud
4.6
CVSSv3
CVE-2021-32658
Nextcloud Android is the Android client for the Nextcloud open source home cloud system. Due to a timeout issue the Android client may not properly clean all sensitive data on account removal. This could include sensitive key material such as the End-to-End encryption keys. It is...
Nextcloud Nextcloud
5.5
CVSSv3
CVE-2021-32694
Nextcloud Android app is the Android client for Nextcloud. In versions before 3.15.1, a malicious application on the same device is possible to crash the Nextcloud Android Client due to an uncaught exception. The vulnerability is patched in version 3.15.1.
Nextcloud Nextcloud
4.3
CVSSv3
CVE-2023-49790
The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform. Prior to version 4.9.2, the application can be used without providing the 4 digit PIN code. Nextcloud iOS Files app should be upgraded to 4.9.2 to receive the patch. N...
Nextcloud Nextcloud
4.3
CVSSv3
CVE-2024-22401
Nextcloud guests app is a utility to create guest users which can only see files shared with them. In affected versions users could change the allowed list of apps, allowing them to use apps that were not intended to be used. It is recommended that the Guests app is upgraded to 2...
Nextcloud Guests 3.0.0
Nextcloud Guests
Nextcloud Guests 2.5.0
5.4
CVSSv3
CVE-2024-22402
Nextcloud guests app is a utility to create guest users which can only see files shared with them. In affected versions users were able to load the first page of apps they were actually not allowed to access. Depending on the selection of apps installed this may present a permiss...
Nextcloud Guests 3.0.0
Nextcloud Guests
Nextcloud Guests 2.5.0
8.8
CVSSv3
CVE-2018-3775
Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 Factor Authentication.
Nextcloud Nextcloud Server
5.3
CVSSv3
CVE-2018-3776
Improper input validator in Nextcloud Server before 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.
Nextcloud Nextcloud Server
4.3
CVSSv3
CVE-2022-29243
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 22.2.7 and 23.0.4, missing input-size validation of new session names allows users to create app passwords with long names. These long names are then loaded into mem...
Nextcloud Nextcloud Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »