Filters
Nextcloud Nextcloud ServerNextcloud Server can reshare read&share only folder with more permissions
8.1
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server's read-only users can restore old versions
4.3
First published (updated )
Nextcloud Nextcloud ServerBruteforce protection can be bypassed with misconfigured proxy
9.8
First published (updated )
Nextcloud Nextcloud ServerWorkflows do not require password confirmation on API level
5.4
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server DNS pin middleware can be tricked into DNS rebinding allowing SSRF
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerNextcloud Server vulnerable to attacker enabling/disabling birthday calendar for any user
4.3
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server users can make external storage mount points inaccessible for other users
8.5
First published (updated )
Nextcloud Nextcloud ServerRate limiter not working reliable when Memcached is installed in Nextcloud
4.3
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server has improper restriction of excessive authentication attempts on WebDAV endpoint
7.5
First published (updated )
Nextcloud Nextcloud ServerMissing password confirmation when creating app passwords
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerUsers can delete external storage mount points
7.7
First published (updated )
Nextcloud Nextcloud ServerMissing brute force protection on password reset token OAuth2 API controller
5.8
First published (updated )
Nextcloud Nextcloud ServerAdvanced permissions not respected when copying entire group folders
6.5
First published (updated )
Nextcloud Nextcloud ServerNextcloud system addressbooks can be modified by malicious trusted server
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerNextcloud Server password reset endpoint is not brute force protected
9.1
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server is a data storage system for Nextcloud, a self-hosted productivity platform. When m…
8.7
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server missing brute force protection for passwords of password protected share links
7.5
First published (updated )
Nextcloud Nextcloud ServerUsers can set up workflows using restricted and invisible system tags in Nextcloud
8.8
First published (updated )
Nextcloud Nextcloud ServerFull path of data directory exposed to Nextcloud server users
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerInsecure randomness for default password in nextcloud
7.5
First published (updated )
Nextcloud Nextcloud ServerUnrestricted filenames for logo or favicon as admin in the theming settings in nextcloud server
8.8
First published (updated )
Nextcloud Nextcloud ServerScope of workflow operations is not validated in nextcloud server
9.1
First published (updated )
Nextcloud Nextcloud ServerMissing brute force protection on password reset token in Nextcloud Server
7.1
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server and Enterprise Server missing brute force protection on password confirmation modal
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerDirectory traversal in Nextcloud server
7.5
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server has no password length limit when creating a user as an administrator
2.7
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server's calendar name length not validated before writing to database
5.3
First published (updated )
Nextcloud Nextcloud Enterprise ServerMissing length validation of user displayname in nextcloud server
6.5
First published (updated )
Nextcloud Nextcloud ServerFederated share accepting/declining is not logged in audit log in Nextcloud Server
2.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerMissing brute force protection on cloud federation sharing in Nextcloud Server
6.5
First published (updated )
Nextcloud Nextcloud ServerSMTP Command Injection in iCalendar Attachments to emails via newlines in Nextcloud Server
5.4
First published (updated )
Nextcloud Nextcloud ServerBypass of password requirements when sharing a folder via the Circles app in Nextcloud Server
4.3
First published (updated )
Nextcloud Nextcloud ServerInsufficient Verification of Data Authenticity in Nextcloud Server
4.3
First published (updated )
Nextcloud Nextcloud ServerPossible Injection in Nextcloud Server
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerHigh memory usage in Nextcloud server
6.5
First published (updated )