Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-22896
Nextcloud Mail prior to 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users.
Nextcloud Nextcloud
2.1
CVSSv2
CVE-2022-24885
Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.1, users can bypass a lock on the Nextcloud app on an Android device by repeatedly reopening the app. Version 3.19.1 contains a fix for the problem. There are cur...
Nextcloud Nextcloud
4
CVSSv2
CVE-2019-15611
Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notifications.
Nextcloud Nextcloud
3.5
CVSSv2
CVE-2019-15614
Missing sanitization in the iOS App 2.24.4 causes an XSS when opening malicious HTML files.
Nextcloud Nextcloud
NA
CVE-2022-39210
Nextcloud android is the official Android client for the Nextcloud home server platform. Internal paths to the Nextcloud Android app files are not properly protected. As a result access to internal files of the from within the Nextcloud Android app is possible. This may lead to a...
Nextcloud Nextcloud
5
CVSSv2
CVE-2021-41166
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. An issue in versions before 3.17.1 may lead to sensitive information disclosure. An unauthorized app that does not have the otherwise required `MANAGE_DOCUMENTS` permission may vie...
Nextcloud Nextcloud
2.1
CVSSv2
CVE-2021-32658
Nextcloud Android is the Android client for the Nextcloud open source home cloud system. Due to a timeout issue the Android client may not properly clean all sensitive data on account removal. This could include sensitive key material such as the End-to-End encryption keys. It is...
Nextcloud Nextcloud
4.3
CVSSv2
CVE-2021-32694
Nextcloud Android app is the Android client for Nextcloud. In versions before 3.15.1, a malicious application on the same device is possible to crash the Nextcloud Android Client due to an uncaught exception. The vulnerability is patched in version 3.15.1.
Nextcloud Nextcloud
5
CVSSv2
CVE-2021-32727
Nextcloud Android Client is the Android client for Nextcloud. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions before 3.16.1, the Nextcloud Android client skipped a step that involved the client checkin...
Nextcloud Nextcloud
5
CVSSv2
CVE-2021-43863
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. The Nextcloud Android app uses content providers to manage its data. Prior to version 3.18.1, the providers `FileContentProvider` and `DiskLruImageCacheFileProvider` have security ...
Nextcloud Nextcloud
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »