Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv3
CVE-2021-32658
Nextcloud Android is the Android client for the Nextcloud open source home cloud system. Due to a timeout issue the Android client may not properly clean all sensitive data on account removal. This could include sensitive key material such as the End-to-End encryption keys. It is...
Nextcloud Nextcloud
2.4
CVSSv3
CVE-2019-5452
Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved.
Nextcloud Nextcloud
2.4
CVSSv3
CVE-2022-24885
Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.1, users can bypass a lock on the Nextcloud app on an Android device by repeatedly reopening the app. Version 3.19.1 contains a fix for the problem. There are cur...
Nextcloud Nextcloud
3.8
CVSSv3
CVE-2022-24886
Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. In versions before 3.19.0, any application with notification permission can access contacts if Nextcloud has access to Contacts without applying for the Contacts permission itself. Ver...
Nextcloud Nextcloud
4.3
CVSSv3
CVE-2021-22896
Nextcloud Mail prior to 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users.
Nextcloud Nextcloud
6.5
CVSSv3
CVE-2021-22905
Nextcloud Android App (com.nextcloud.client) before v3.16.0 is vulnerable to information disclosure due to searches for sharees being performed by default on the lookup server instead of only using the local Nextcloud server unless a global search has been explicitly chosen by th...
Nextcloud Nextcloud
6.5
CVSSv3
CVE-2021-22912
Nextcloud iOS prior to 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a global search has been explicitly chosen by the user.
Nextcloud Nextcloud
7.5
CVSSv3
CVE-2021-43863
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. The Nextcloud Android app uses content providers to manage its data. Prior to version 3.18.1, the providers `FileContentProvider` and `DiskLruImageCacheFileProvider` have security ...
Nextcloud Nextcloud
3.3
CVSSv3
CVE-2022-29160
Nextcloud Android is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.0, sensitive tokens, images, and user related details exist after deletion of a user account. This could result in misuse of the former account holder's informat...
Nextcloud Nextcloud
5.5
CVSSv3
CVE-2021-32694
Nextcloud Android app is the Android client for Nextcloud. In versions before 3.15.1, a malicious application on the same device is possible to crash the Nextcloud Android Client due to an uncaught exception. The vulnerability is patched in version 3.15.1.
Nextcloud Nextcloud
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »