Filters
Versions
Nextcloud Nextcloud ServerNextcloud Server can reshare read&share only folder with more permissions
8.1
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server users can make external storage mount points inaccessible for other users
8.5
First published (updated )
Nextcloud Nextcloud ServerOAuth2 client_secret stored in plain text in the Nextcloud database
8.8
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server has improper restriction of excessive authentication attempts on WebDAV endpoint
7.5
First published (updated )
Nextcloud Nextcloud ServerMissing password confirmation when creating app passwords
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerUsers can delete external storage mount points
7.7
First published (updated )
Nextcloud Nextcloud ServerNextcloud system addressbooks can be modified by malicious trusted server
8.1
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server is a data storage system for Nextcloud, a self-hosted productivity platform. When m…
8.7
First published (updated )
Nextcloud Nextcloud ServerNextcloud server is an open source personal cloud implementation. Missing brute-force protection on …
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerNextcloud server provides a home for data. A regression in the session handling between Nextcloud Se…
7.2
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server missing brute force protection for passwords of password protected share links
7.5
First published (updated )
Nextcloud Nextcloud ServerUsers can set up workflows using restricted and invisible system tags in Nextcloud
8.8
First published (updated )
Nextcloud Nextcloud ServerNextcloud server is an open source home cloud implementation. In releases of the 25.0.x branch befor…
7.5
First published (updated )
Nextcloud Nextcloud ServerInsecure randomness for default password in nextcloud
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerUnrestricted filenames for logo or favicon as admin in the theming settings in nextcloud server
8.8
First published (updated )
Nextcloud Nextcloud ServerDelete permissions are not saved when creating public share in Nextcloud server
8.1
First published (updated )
Nextcloud Nextcloud ServerMissing brute force protection on password reset token in Nextcloud Server
7.1
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server and Enterprise Server missing brute force protection on password confirmation modal
7.8
First published (updated )
Nextcloud Nextcloud ServerNextcloud download permissions can be changed by resharer
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerDirectory traversal in Nextcloud server
7.5
First published (updated )
Nextcloud Nextcloud Enterprise ServerAuthentication headers exposed on by Nextcloud Server
7.5
First published (updated )
Nextcloud Nextcloud ServerRate-limits not working on instances without configured memory cache backend
8.1
First published (updated )
Nextcloud Nextcloud ServerBypass of Two Factor Authentication in Nextcloud server
8.1
First published (updated )
Nextcloud Nextcloud ServerLack of ratelimit on public DAV endpoint
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerApplication specific tokens can change their own scope
8.8
First published (updated )
Nextcloud Nextcloud ServerFilenames not escaped by default in controllers using DownloadResponse
8.8
First published (updated )
Nextcloud Nextcloud ServerTrusted servers exchange can be triggered by attacker
8.6
First published (updated )
Nextcloud Nextcloud ServerA wrong check in Nextcloud Server 19 and prior allowed to perform a denial of service attack when re…
7.5
First published (updated )
Nextcloud Nextcloud ServerInsufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an att…
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerA logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it wa…
7.5
First published (updated )
Nextcloud Nextcloud ServerAn Insecure direct object reference vulnerability in Nextcloud Server 18.0.2 allowed an attacker to …
7.7
First published (updated )
Nextcloud Nextcloud ServerA bug in Nextcloud Server 14.0.4 could expose more data in reshared link shares than intended by the…
8.1
First published (updated )
Nextcloud Nextcloud ServerImproper revalidation of permissions in Nextcloud Server prior to 14.0.0, 13.0.6 and 12.0.11 lead to…
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerImproper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obt…
8.8
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server before 12.0.8 and 13.0.3 suffer from improper authentication on the OAuth2 token en…
8.1
First published (updated )
ownCloud ownCloudNextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9 suffer fr…
8.1
First published (updated )