Filter
AND
Software
nextcloud nextcloud server
41
nextcloud desktop client
8
nextcloud deck
2
nextcloud mail
2
nextcloud nextcloud
2
nextcloud nextcloud mail
2
nextcloud cookbook
1
nextcloud enterprise server
1
nextcloud group folders
1
nextcloud news
1
nextcloud nextcloud files automated tagging
1
nextcloud richdocuments
1
nextcloud server
1
nextcloud social
1
nextcloud talk
1
nextcloud talk android
1
nextcloud user oidc
1
Nextcloud Nextcloud ServerPotential share collision for recipients when caching is enabled in nextcloud server
8.8
First published (updated )
Nextcloud Nextcloud ServerReference fetch can saturate the server bandwidth for 10 seconds in nextcloud server
7.5
First published (updated )
Nextcloud Nextcloud ServerUnrestricted filenames for logo or favicon as admin in the theming settings in nextcloud server
8.8
First published (updated )
Nextcloud Nextcloud ServerInsecure randomness for default password in nextcloud
7.5
First published (updated )
Nextcloud Nextcloud ServerUsers can set up workflows using restricted and invisible system tags in Nextcloud
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerNextcloud Server's OAuth2 client secrets were stored in a recoverable way
8.2
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server User password is available in memory of the PHP process
7.5
First published (updated )
NextCloud CookbookNextCloud Cookbook's pull-checks.yml workflow is vulnerable to OS Command Injection
8.8
First published (updated )
Nextcloud Nextcloud ServerUser session not correctly destroyed on logout
7.2
First published (updated )
Nextcloud Nextcloud ServerBasic auth header on WebDAV requests is not brute-force protected in Nextcloud
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerNextcloud Server's brute force protection allows someone to send more requests than intended
8.7
First published (updated )
Nextcloud Nextcloud ServerNextcloud user scoped external storage can be used to gather credentials of other users
8.8
First published (updated )
Nextcloud Desktop ClientNextcloud Deck Desktop Client is vulnerable to Cross-Site Request Forgery (CSRF) via malicious link
8.8
First published (updated )
Nextcloud NewsIntent URI permissions manipulation in nextcloud news-android
7.1
First published (updated )
Nextcloud ServerFile Traversal affecting SVG files on Nextcloud Server
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerRate-limits not working on instances without configured memory cache backend
8.1
First published (updated )
Nextcloud Nextcloud MailMissing permission check on email metadata retrieval
8.8
First published (updated )
Nextcloud Nextcloud MailA missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack.
7
First published (updated )
Nextcloud Nextcloud ServerNextcloud system addressbooks can be modified by malicious trusted server
8.1
First published (updated )
Nextcloud Nextcloud ServerMissing password confirmation when creating app passwords
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Talk AndroidPath traversal allows tricking the Talk Android app into writing files into it's root directory
7.8
First published (updated )
Nextcloud Nextcloud ServerUsers can delete external storage mount points
7.7
First published (updated )
Nextcloud User OIDCuser_oidc app stores client secret unencrypted in database
8.1
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server has improper restriction of excessive authentication attempts on WebDAV endpoint
7.5
First published (updated )
Nextcloud Nextcloud ServerOAuth2 client_secret stored in plain text in the Nextcloud database
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Desktop ClientCode injection in Nextcloud Desktop Client for macOS
7.8
First published (updated )
ownCloud Desktop ClientNextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9 suffer fr…
8.1
First published (updated )
Nextcloud Nextcloud ServerImproper revalidation of permissions in Nextcloud Server prior to 14.0.0, 13.0.6 and 12.0.11 lead to…
8.1
First published (updated )
Nextcloud Nextcloud ServerImproper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obt…
8.8
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server before 12.0.8 and 13.0.3 suffer from improper authentication on the OAuth2 token en…
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.