Filter
AND
-Infinity
0

Trending

Last week
Last month
Last year

Nextcloud ServerUser enumeration setting not respected in Nextcloud server

medium
5.3
First published (updated )
CVE-2021-41239

Nextcloud ServerAdvanced permissions is not respected for subfolders in Nextcloud server

medium
4.3
First published (updated )
CVE-2021-41241

Nextcloud ServerMissing authorization in Nextcloud text

medium
6.5
First published (updated )
CVE-2021-41233

Nextcloud ServerPossible Injection in Nextcloud Server

medium
5
First published (updated )
CVE-2022-24888

Nextcloud ServerHigh memory usage in Nextcloud server

medium
6.5
First published (updated )
CVE-2022-24741

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Nextcloud ServerSMTP Command Injection in iCalendar Attachments to emails via newlines in Nextcloud Server

medium
5.4
First published (updated )
CVE-2022-31014

Nextcloud ServerDirectory traversal in Nextcloud server

high
7.5
First published (updated )
CVE-2023-25579

Nextcloud ServerNextcloud Server and Enterprise Server missing brute force protection on password confirmation modal

high
7.8
First published (updated )
CVE-2023-25820

Nextcloud ServerScope of workflow operations is not validated in nextcloud server

critical
9.1
First published (updated )
CVE-2023-26482

Nextcloud ServerUsers can set up workflows using restricted and invisible system tags in Nextcloud

high
8.8
First published (updated )
CVE-2023-30539

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Nextcloud ServerNextcloud Server's brute force protection allows someone to send more requests than intended

high
8.7
First published (updated )
CVE-2023-32320

Nextcloud ServerNextcloud user scoped external storage can be used to gather credentials of other users

high
8.8
First published (updated )
CVE-2023-35928

Nextcloud ServerNextcloud Server password reset endpoint is not brute force protected

critical
9.1
First published (updated )
CVE-2023-35172

Nextcloud ServerRate-limits not working on instances without configured memory cache backend

high
8.1
First published (updated )
CVE-2021-41177

Nextcloud ServerNextcloud system addressbooks can be modified by malicious trusted server

high
8.1
First published (updated )
CVE-2023-35927

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Nextcloud ServerMissing password confirmation when creating app passwords

high
8.1
First published (updated )
CVE-2023-39963

Nextcloud ServerUsers can delete external storage mount points

high
7.7
First published (updated )
CVE-2023-39962

Nextcloud ServerExceptions may have logged Encryption-at-Rest key content in Nextcloud server

medium
5.5
First published (updated )
CVE-2021-32801

Nextcloud ServerBypass of Two Factor Authentication in Nextcloud server

high
8.1
First published (updated )
CVE-2021-32800

Nextcloud ServerNextcloud Text app can disclose existence of folders in "File Drop" link share

medium
5.3
First published (updated )
CVE-2021-32766

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Nextcloud ServerPreview generation used third-party library not suited for user-generated content in Nextcloud server

critical
10
First published (updated )
CVE-2021-32802

Nextcloud ServerXSS in Nextcloud Text application

medium
6.1
First published (updated )
CVE-2021-32733

Nextcloud ServerFile path disclosure of shared files in Nextcloud Text application

medium
5.3
First published (updated )
CVE-2021-32734

Nextcloud ServerLack of ratelimit on public share link mount endpoint

medium
5.3
First published (updated )
CVE-2021-32741

Nextcloud ServerDefault share permissions not respected for federated reshares

medium
5.3
First published (updated )
CVE-2021-32725

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Nextcloud ServerWebauthn tokens not removed after user has been deleted

critical
9.8
First published (updated )
CVE-2021-32726

Nextcloud ServerFilenames not escaped by default in controllers using DownloadResponse

high
8.8
First published (updated )
CVE-2021-32679

Nextcloud ServerRatelimit not applied on OCS API responses

medium
5.3
First published (updated )
CVE-2021-32678

Nextcloud ServerAudit log is not properly logging unsetting of share expiration date

low
3.3
First published (updated )
CVE-2021-32680

Nextcloud ServerApplication specific tokens can change their own scope

high
8.8
First published (updated )
CVE-2021-32688

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203