Filter
AND
Software
nextcloud nextcloud server
105
nextcloud nextcloud
20
nextcloud desktop client
15
nextcloud deck
13
nextcloud talk
11
nextcloud mail
7
nextcloud richdocuments
7
nextcloud calendar
5
nextcloud enterprise server
5
nextcloud contacts
4
nextcloud circles
3
nextcloud nextcloud mail
3
nextcloud end-to-end encryption
2
nextcloud guests
2
nextcloud nextcloud talk
2
nextcloud notes
2
nextcloud openid connect user backend
2
nextcloud preferred providers
2
nextcloud talk android
2
nextcloud user oidc
2
nextcloud files access control
1
nextcloud officeonline
1
nextcloud server
1
nextcloud social
1
nextcloud sso \& saml authentication
1
nextcloud zipper
1
Nextcloud Nextcloud ServerNextcloud Server's shares are not removed when user is limited to share with in their groups and being removed from one of them
4.3
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server's global credentials of external storages are sent back to the frontend
5.9
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server is missing password confirmation when changing external storage options
5.4
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server has a potential hash collision for background jobs could skip queuing them
5.3
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server's users can delete old versions of read-only shared files
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud DeckNextcloud Deck can access comments and attachments of deleted cards
4.3
First published (updated )
Nextcloud NotesNextcloud Notes app can be tricked into using a received share created before the user logged in
4.6
First published (updated )
Nextcloud calendarNextcloud Calendar's event create can create attachments that link to other websites
4.6
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server's read-only users can restore old versions
4.3
First published (updated )
Nextcloud guestsImproper handling of request URLs in Nextcloud Guests app allows guest users to bypass app allowlist
5.4
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud guestsAll users can reset the allowed apps list for Nextcloud Guest App users
4.3
EPSS
0.05%
First published (updated )
Nextcloud ZipperPermissions bypass in Nextcloud with the files zip app
4.3
EPSS
0.05%
First published (updated )
Nextcloud Sso \& Saml AuthenticationOpen redirect in user_saml via RelayState parameter in Nextcloud User Saml
6.1
EPSS
0.05%
First published (updated )
Nextcloud DeckCross-site Scripting when sending HTML as a comment in the Nextcloud Deck app
5.4
EPSS
0.05%
First published (updated )
Nextcloud Nextcloud ServerWorkflows do not require password confirmation on API level
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud NextcloudApp PIN code can be bypassed in Nextcloud Files iOS
4.3
First published (updated )
Nextcloud calendarCalendar app returns full stacktrace when an error happens while editing appointment
6.5
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server user_ldap app logs user passwords in the log file on level debug
4.4
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server vulnerable to attacker enabling/disabling birthday calendar for any user
4.3
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server vulnerable to Self XSS when pasting HTML into Text app with Ctrl+Shift+V
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerNextcloud Server HTML injection in search UI when selecting a circle with HTML in the display name
5.4
First published (updated )
Nextcloud calendarInviting excessive long email addresses to a calendar event makes the Nextcloud server unresponsive
4.3
First published (updated )
Nextcloud talkPassword of talk conversations can be bruteforced in Nextcloud
4.3
First published (updated )
Nextcloud Nextcloud ServerRate limiter not working reliable when Memcached is installed in Nextcloud
4.3
First published (updated )
Nextcloud mailRequire strict cookies for image proxy requests in Nextcloud Mail
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerText does not respect "Allow download" permissions
4.3
First published (updated )
Nextcloud Nextcloud ServerExistence of calendars and address books can be checked by unauthenticated users
5.3
First published (updated )
Nextcloud Nextcloud ServerMissing brute force protection on password reset token OAuth2 API controller
5.8
First published (updated )
Nextcloud NotesNotes attachment render HTML in preview mode
6.1
First published (updated )
Nextcloud User OIDCIssuer not verified from obtained token in user_oidc
4.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.