Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud vulnerabilities and exploits
(subscribe to this query)
320
VMScore
CVE-2018-16463
A bug causing session fixation in Nextcloud Server before 14.0.0, 13.0.3 and 12.0.8 could potentially allow an malicious user to obtain access to password protected shares.
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 14.0.0
490
VMScore
CVE-2018-16466
Improper revalidation of permissions in Nextcloud Server before 14.0.0, 13.0.6 and 12.0.11 lead to not accepting access restrictions by acess tokens.
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 14.0.0
490
VMScore
CVE-2017-0883
Nextcloud Server prior to 9.0.55 and 10.0.2 suffers from a permission increase on re-sharing via OCS API issue. A permission related issue within the OCS sharing API allowed an authenticated adversary to reshare shared files with an increasing permission set. This may allow an ma...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 10.0.2
356
VMScore
CVE-2021-41241
Nextcloud server is a self hosted system designed to provide cloud style services. The groupfolders application for Nextcloud allows sharing a folder with a group of people. In addition, it allows setting "advanced permissions" on subfolders, for example, a user could b...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 22.2.0
NA
CVE-2023-25821
Nextcloud is an Open Source private cloud software. Versions 24.0.4 and above, before 24.0.7, and 25.0.0 and above, before 25.0.1, contain Improper Access Control. Secure view for internal shares can be circumvented if reshare permissions are also given. This issue is patched in ...
Nextcloud Nextcloud Server 25.0.0
Nextcloud Nextcloud Server
NA
CVE-2022-41970
Nextcloud Server is an open source personal cloud server. Prior to versions 24.0.7 and 25.0.1, disabled download shares still allow download through preview images. Images could be downloaded and previews of documents (first page) can be downloaded without being watermarked. Vers...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 25.0.0
NA
CVE-2022-39364
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. In Nextcloud Server prior to versions 23.0.9 and 24.0.5 and Nextcloud Enterprise Server prior to versions 22.2.10.5, 23.0.9, and 24.0.5 an attacker reading `nextcloud.log` may gain kn...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Enterprise Server
436
VMScore
CVE-2017-0936
Nextcloud Server prior to 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User-Controlled Key vulnerability. A missing ownership check allowed logged-in users to change the scope of app passwords of other users. Note that the app passwords themselves where neither ...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 12.0.5
NA
CVE-2022-39211
Nextcloud server is an open source personal cloud platform. In affected versions it was found that locally running webservices can be found and requested erroneously. It is recommended that the Nextcloud Server is upgraded to 23.0.8 or 24.0.4. It is recommended that the Nextcloud...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Enterprise Server
NA
CVE-2022-39329
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server and Nextcloud Enterprise Server prior to versions 23.0.9 and 24.0.5 are vulnerable to exposure of information that cannot be controlled by administrators without dire...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Enterprise Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »