Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-25821
Nextcloud is an Open Source private cloud software. Versions 24.0.4 and above, before 24.0.7, and 25.0.0 and above, before 25.0.1, contain Improper Access Control. Secure view for internal shares can be circumvented if reshare permissions are also given. This issue is patched in ...
Nextcloud Nextcloud Server 25.0.0
Nextcloud Nextcloud Server
5.3
CVSSv3
CVE-2022-39211
Nextcloud server is an open source personal cloud platform. In affected versions it was found that locally running webservices can be found and requested erroneously. It is recommended that the Nextcloud Server is upgraded to 23.0.8 or 24.0.4. It is recommended that the Nextcloud...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Enterprise Server
6.4
CVSSv3
CVE-2017-0883
Nextcloud Server prior to 9.0.55 and 10.0.2 suffers from a permission increase on re-sharing via OCS API issue. A permission related issue within the OCS sharing API allowed an authenticated adversary to reshare shared files with an increasing permission set. This may allow an ma...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 10.0.2
5.7
CVSSv3
CVE-2017-0936
Nextcloud Server prior to 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User-Controlled Key vulnerability. A missing ownership check allowed logged-in users to change the scope of app passwords of other users. Note that the app passwords themselves where neither ...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 12.0.5
6.5
CVSSv3
CVE-2022-24741
Nextcloud server is an open source, self hosted cloud style services platform. In affected versions an attacker can cause a denial of service by uploading specially crafted files which will cause the server to allocate too much memory / CPU. It is recommended that the Nextcloud S...
Nextcloud Nextcloud Server
Nextcloud Nextcloud Server 23.0.0
4.3
CVSSv3
CVE-2023-45148
Nextcloud is an open source home cloud server. When Memcached is used as `memcache.distributed` the rate limiting in Nextcloud Server could be reset unexpectedly resetting the rate count earlier than intended. Users are advised to upgrade to versions 25.0.11, 26.0.6 or 27.1.0. Us...
Nextcloud Nextcloud Server 27.0.0
Nextcloud Nextcloud Server
8.8
CVSSv3
CVE-2023-45151
Nextcloud server is an open source home cloud platform. Affected versions of Nextcloud stored OAuth2 tokens in plaintext which allows an attacker who has gained access to the server to potentially elevate their privilege. This issue has been addressed and users are recommended to...
Nextcloud Nextcloud Server 27.0.0
Nextcloud Nextcloud Server
4.3
CVSSv3
CVE-2017-0888
Nextcloud Server prior to 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the "files" app. The top navigation bar displayed in the files list contained partially user-controllable input leading to a potential misrepresentation of information.
Nextcloud Nextcloud
Nextcloud Nextcloud Server 10.0.2
4.8
CVSSv3
CVE-2019-15619
Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud Deck 0.6.5 causes an XSS when linking them with each others in a project.
Nextcloud Deck
Nextcloud Nextcloud Server
Nextcloud Talk
7.5
CVSSv3
CVE-2023-28644
Nextcloud server is an open source home cloud implementation. In releases of the 25.0.x branch prior to 25.0.3 an inefficient fetch operation may impact server performances and/or can lead to a denial of service. This issue has been addressed and it is recommended that the Nextcl...
Nextcloud Nextcloud Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »