Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud nextcloud vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-32733
Nextcloud Text is a collaborative document editing application that uses Markdown. A cross-site scripting vulnerability is present in versions before 19.0.13, 20.0.11, and 21.0.3. The Nextcloud Text application shipped with Nextcloud server used a `text/html` Content-Type when se...
Nextcloud Nextcloud Server
5.3
CVSSv3
CVE-2021-32734
Nextcloud Server is a Nextcloud package that handles data storage. In versions before 19.0.13, 20.011, and 21.0.3, the Nextcloud Text application shipped with Nextcloud Server returned verbatim exception messages to the user. This could result in a full path disclosure on shared ...
Nextcloud Nextcloud Server
5.3
CVSSv3
CVE-2021-32741
Nextcloud Server is a Nextcloud package that handles data storage. In versions before 19.0.13, 20.011, and 21.0.3, there was a lack of ratelimiting on the public share link mount endpoint. This may have allowed an malicious user to enumerate potentially valid share tokens. The is...
Nextcloud Nextcloud Server
5.3
CVSSv3
CVE-2021-32766
Nextcloud Text is an open source plaintext editing application which ships with the nextcloud server. In affected versions the Nextcloud Text application returned different error messages depending on whether a folder existed in a public link share. This is problematic in case th...
Nextcloud Nextcloud Server
8.1
CVSSv3
CVE-2021-32800
Nextcloud server is an open source, self hosted personal cloud. In affected versions an attacker is able to bypass Two Factor Authentication in Nextcloud. Thus knowledge of a password, or access to a WebAuthN trusted device of a user was sufficient to gain access to an account. I...
Nextcloud Nextcloud Server
5.5
CVSSv3
CVE-2021-32801
Nextcloud server is an open source, self hosted personal cloud. In affected versions logging of exceptions may have resulted in logging potentially sensitive key material for the Nextcloud Encryption-at-Rest functionality. It is recommended that the Nextcloud Server is upgraded t...
Nextcloud Nextcloud Server
4.3
CVSSv3
CVE-2019-5449
A missing check in the Nextcloud Server prior to version 15.0.1 causes leaking of calendar event names when adding or modifying confidential or private events.
Nextcloud Nextcloud Server
1 Github repository
4.6
CVSSv3
CVE-2019-5451
Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the files when repeatedly opening and closing the app in a very short time.
Nextcloud Nextcloud Server
6.8
CVSSv3
CVE-2019-5455
Bypassing lock protection exists in Nextcloud Android app 3.6.0 when creating a multi-account and aborting the process.
Nextcloud Nextcloud 3.6.0
4.3
CVSSv3
CVE-2017-0884
Nextcloud Server prior to 9.0.55 and 10.0.2 suffers from a creation of folders in read-only folders despite lacking permissions issue. Due to a logical error in the file caching layer an authenticated adversary is able to create empty folders inside a shared folder. Note that thi...
Nextcloud Nextcloud Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »