Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud nextcloud vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-35171
NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. Starting in version 26.0.0 and prior to version 26.0.2, an attacker could supply a URL that redirects an unsuspecting victim from a legitimate domain to an at...
Nextcloud Nextcloud Server
NA
CVE-2023-35172
NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 21.0.0 until 21.0.9.12, 22.0.0 until 22.2.10...
Nextcloud Nextcloud Server
NA
CVE-2023-26041
Nextcloud Talk is a fully on-premises audio/video and chat communication service. When cron jobs were misconfigured and therefore messages are not expired, the API would still return them while they were then hidden by the frontend code. It is recommended that the Nextcloud Talk ...
Nextcloud Nextcloud Talk
NA
CVE-2023-39960
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. In Nextcloud Server starting with 25.0.0 and before 25.09 and 26.04; as well as Nextcloud Enterprise Server starting with 22.0.0 and before 22.2.10.14, 23.0.12.9, 24.0.12.5, 25.0.9, and 26.0.4; m...
Nextcloud Nextcloud Server
NA
CVE-2023-25816
Nextcloud is an Open Source private cloud software. Versions 25.0.0 and above, before 25.0.3, are subject to Uncontrolled Resource Consumption. A user can configure a very long password, consuming more resources on password validation than desired. This issue is patched in 25.0.3...
Nextcloud Nextcloud Server
NA
CVE-2023-25817
Nextcloud server is an open source, personal cloud implementation. In versions from 24.0.0 and prior to 24.0.9 a user could escalate their permissions to delete files they were not supposed to deletable but only viewed or downloaded. This issue has been addressed andit is recomme...
Nextcloud Nextcloud Server
NA
CVE-2023-25818
Nextcloud server is an open source, personal cloud implementation. In affected versions a malicious user could try to reset the password of another user and then brute force the 62^21 combinations for the password reset token. As of commit `704eb3aa` password reset attempts are n...
Nextcloud Nextcloud Server
NA
CVE-2023-25820
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Enterprise Server is the enterprise version of the file server software. In Nextcloud Server versions 25.0.x before 25.0.5 and versions 24.0.x before 24.0.10 as well as ...
Nextcloud Nextcloud Server
NA
CVE-2022-41968
Nextcloud Server is an open source personal cloud server. Prior to versions 23.0.10 and 24.0.5, calendar name lengths are not validated before writing to a database. As a result, an attacker can send unnecessary amounts of data against the database. Version 23.0.10 and 24.0.5 con...
Nextcloud Nextcloud Server
NA
CVE-2022-41969
Nextcloud Server is an open source personal cloud server. Prior to versions 23.0.11, 24.0.7, and 25.0.0, there is no password length limit when creating a user as an administrator. An administrator can cause a limited DoS attack against their own server. Versions 23.0.11, 24.0.7,...
Nextcloud Nextcloud Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »