Filter
AND
-Infinity
0

Trending

Last week
Last month
Last year

Nextcloud ServerNextcloud Server's OAuth2 client secrets were stored in a recoverable way

high
8.2
First published (updated )
CVE-2024-52519

Nextcloud ServerNextcloud Server User password is available in memory of the PHP process

high
7.5
First published (updated )
CVE-2024-52525

Nextcloud ServerNextcloud Server can reshare read&share only folder with more permissions

high
8.1
First published (updated )
CVE-2024-37882

Nextcloud ServerNextcloud server allows the by-pass the second factor

high
7.3
First published (updated )
CVE-2024-37313

Nextcloud ServerNextcloud Server users can make external storage mount points inaccessible for other users

high
8.5
First published (updated )
CVE-2023-48239

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Nextcloud ServerOAuth2 client_secret stored in plain text in the Nextcloud database

high
8.8
First published (updated )
CVE-2023-45151

Nextcloud ServerNextcloud Server has improper restriction of excessive authentication attempts on WebDAV endpoint

high
7.5
First published (updated )
CVE-2023-39960

Nextcloud ServerMissing password confirmation when creating app passwords

high
8.1
First published (updated )
CVE-2023-39963

Nextcloud ServerUsers can delete external storage mount points

high
7.7
First published (updated )
CVE-2023-39962

Nextcloud ServerNextcloud user scoped external storage can be used to gather credentials of other users

high
8.8
First published (updated )
CVE-2023-35928

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Nextcloud ServerNextcloud system addressbooks can be modified by malicious trusted server

high
8.1
First published (updated )
CVE-2023-35927

Nextcloud ServerNextcloud Server's brute force protection allows someone to send more requests than intended

high
8.7
First published (updated )
CVE-2023-32320

Nextcloud ServerBasic auth header on WebDAV requests is not brute-force protected in Nextcloud

high
8.1
First published (updated )
CVE-2023-32319

Nextcloud ServerUser session not correctly destroyed on logout

high
7.2
First published (updated )
CVE-2023-32318

Nextcloud ServerNextcloud Server missing brute force protection for passwords of password protected share links

high
7.5
First published (updated )
CVE-2023-28847

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Nextcloud ServerUsers can set up workflows using restricted and invisible system tags in Nextcloud

high
8.8
First published (updated )
CVE-2023-30539

Nextcloud ServerInsecure randomness for default password in nextcloud

high
7.5
First published (updated )
CVE-2023-28835

Nextcloud ServerUnrestricted filenames for logo or favicon as admin in the theming settings in nextcloud server

high
8.8
First published (updated )
CVE-2023-28833

Nextcloud ServerReference fetch can saturate the server bandwidth for 10 seconds in nextcloud server

high
7.5
First published (updated )
CVE-2023-28644

Nextcloud ServerPotential share collision for recipients when caching is enabled in nextcloud server

high
8.8
First published (updated )
CVE-2023-28643

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Nextcloud ServerDelete permissions are not saved when creating public share in Nextcloud server

high
8.1
First published (updated )
CVE-2023-25817

Nextcloud ServerMissing brute force protection on password reset token in Nextcloud Server

high
7.1
First published (updated )
CVE-2023-25818

Nextcloud ServerNextcloud Server and Enterprise Server missing brute force protection on password confirmation modal

high
7.8
First published (updated )
CVE-2023-25820

Nextcloud ServerNextcloud download permissions can be changed by resharer

high
7.5
First published (updated )
CVE-2023-25821

Nextcloud ServerDirectory traversal in Nextcloud server

high
7.5
First published (updated )
CVE-2023-25579

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Nextcloud Enterprise ServerAuthentication headers exposed on by Nextcloud Server

high
7.5
First published (updated )
CVE-2022-36074

Nextcloud ServerFile Traversal affecting SVG files on Nextcloud Server

high
8.8
First published (updated )
CVE-2021-41178

Nextcloud ServerRate-limits not working on instances without configured memory cache backend

high
8.1
First published (updated )
CVE-2021-41177

Nextcloud ServerBypass of Two Factor Authentication in Nextcloud server

high
8.1
First published (updated )
CVE-2021-32800

Nextcloud ServerLack of ratelimit on public DAV endpoint

high
7.5
First published (updated )
CVE-2021-32705

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203