Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud server vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2021-32741
Nextcloud Server is a Nextcloud package that handles data storage. In versions before 19.0.13, 20.011, and 21.0.3, there was a lack of ratelimiting on the public share link mount endpoint. This may have allowed an malicious user to enumerate potentially valid share tokens. The is...
Nextcloud Nextcloud Server
5.5
CVSSv3
CVE-2021-32801
Nextcloud server is an open source, self hosted personal cloud. In affected versions logging of exceptions may have resulted in logging potentially sensitive key material for the Nextcloud Encryption-at-Rest functionality. It is recommended that the Nextcloud Server is upgraded t...
Nextcloud Nextcloud Server
5.4
CVSSv3
CVE-2023-48302
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and Nextcloud Enterprise Server, when a user is tricked into copy pasting HTML code without markup...
Nextcloud Nextcloud Server
2.7
CVSSv3
CVE-2023-48303
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and Nextcloud Enterprise Server, admins can change authentication details of user configured exter...
Nextcloud Nextcloud Server
4.3
CVSSv3
CVE-2023-48304
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and starting in version 22.0.0 and prior to versions 22.2.10.16, 23.0.12.11, 24.0.12.7, 25.0.11, 2...
Nextcloud Nextcloud Server
4.4
CVSSv3
CVE-2023-48305
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and Nextcloud Enterprise Server, when the log level was set to debug, the user_ldap app logged use...
Nextcloud Nextcloud Server
8.8
CVSSv3
CVE-2023-26482
Nextcloud server is an open source home cloud implementation. In affected versions a missing scope validation allowed users to create workflows which are designed to be only available for administrators. Some workflows are designed to be RCE by invoking defined scripts, in order ...
Nextcloud Nextcloud Server
5.7
CVSSv3
CVE-2018-16464
A missing access check in Nextcloud Server before 14.0.0 could lead to continued access to password protected link shares when the owner had changed the password.
Nextcloud Nextcloud Server
5.3
CVSSv3
CVE-2018-16465
Missing state in Nextcloud Server before 14.0.0 would not enforce the use of a second factor at login if the the provider of the second factor failed to load.
Nextcloud Nextcloud Server
5.3
CVSSv3
CVE-2018-16467
A missing check in Nextcloud Server before 14.0.0 could give unauthorized access to the previews of single file password protected shares.
Nextcloud Nextcloud Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »