Filter
Software
nextcloud nextcloud server
165
nextcloud nextcloud
28
nextcloud desktop client
24
nextcloud deck
15
nextcloud talk
14
nextcloud mail
12
nextcloud richdocuments
8
nextcloud calendar
6
nextcloud enterprise server
6
nextcloud nextcloud mail
5
nextcloud talk android
5
nextcloud contacts
4
nextcloud user oidc
4
nextcloud circles
3
nextcloud end-to-end encryption
2
nextcloud guests
2
nextcloud nextcloud talk
2
nextcloud notes
2
nextcloud openid connect user backend
2
nextcloud preferred providers
2
nextcloud server
2
nextcloud social
2
nextcloud cookbook
1
nextcloud extract
1
nextcloud files access control
1
nextcloud global site selector
1
nextcloud group folders
1
nextcloud lookup-server
1
nextcloud news
1
nextcloud nextcloud files automated tagging
1
nextcloud officeonline
1
nextcloud password policy
1
nextcloud sso \& saml authentication
1
nextcloud zipper
1
Nextcloud Nextcloud ServerNextcloud Server's shares are not removed when user is limited to share with in their groups and being removed from one of them
4.3
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server's global credentials of external storages are sent back to the frontend
5.9
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server is missing password confirmation when changing external storage options
5.4
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server's OAuth2 client secrets were stored in a recoverable way
8.2
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server has a potential hash collision for background jobs could skip queuing them
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerNextcloud Server User password is available in memory of the PHP process
7.5
First published (updated )
Nextcloud Desktop ClientIn Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files (between the server a…
9.1
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server's events information leaked with shared calendars on recurrence exceptions
3.5
First published (updated )
Nextcloud Desktop ClientCode injection in Nextcloud Desktop Client for macOS
7.8
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server's users can delete old versions of read-only shared files
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud DeckNextcloud Deck can access comments and attachments of deleted cards
4.3
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server can reshare read&share only folder with more permissions
8.1
First published (updated )
Nextcloud NotesNextcloud Notes app can be tricked into using a received share created before the user logged in
4.6
First published (updated )
Nextcloud calendarNextcloud Calendar's event create can create attachments that link to other websites
4.6
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server's read-only users can restore old versions
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerNextcloud Photos' shared albums have no restriction on photo removal
3.5
First published (updated )
Nextcloud guestsImproper handling of request URLs in Nextcloud Guests app allows guest users to bypass app allowlist
5.4
EPSS
0.05%
First published (updated )
Nextcloud guestsAll users can reset the allowed apps list for Nextcloud Guest App users
4.3
EPSS
0.05%
First published (updated )
Nextcloud ZipperPermissions bypass in Nextcloud with the files zip app
4.3
EPSS
0.05%
First published (updated )
Nextcloud Nextcloud ServerOAuth2 authorization codes are valid indefinetly in Nextcloud server
3.7
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Sso \& Saml AuthenticationOpen redirect in user_saml via RelayState parameter in Nextcloud User Saml
6.1
EPSS
0.05%
First published (updated )
Nextcloud DeckCross-site Scripting when sending HTML as a comment in the Nextcloud Deck app
5.4
EPSS
0.05%
First published (updated )
Nextcloud Global Site SelectorNextcloud global site selector authentication bypass
9.8
EPSS
0.10%
First published (updated )
Nextcloud Nextcloud ServerBruteforce protection can be bypassed with misconfigured proxy
9.8
First published (updated )
Nextcloud Nextcloud ServerWorkflows do not require password confirmation on API level
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud NextcloudApp PIN code can be bypassed in Nextcloud Files iOS
4.3
First published (updated )
Nextcloud calendarCalendar app returns full stacktrace when an error happens while editing appointment
6.5
First published (updated )
Nextcloud mailNextcloud Mail app vulnerable to Server-Side Request Forgery
9.8
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server DNS pin middleware can be tricked into DNS rebinding allowing SSRF
9.8
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server user_ldap app logs user passwords in the log file on level debug
4.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.