Filter
AND
Software
nextcloud nextcloud server
105
nextcloud nextcloud
20
nextcloud desktop client
15
nextcloud deck
13
nextcloud talk
11
nextcloud mail
7
nextcloud richdocuments
7
nextcloud calendar
5
nextcloud enterprise server
5
nextcloud contacts
4
nextcloud circles
3
nextcloud nextcloud mail
3
nextcloud end-to-end encryption
2
nextcloud guests
2
nextcloud nextcloud talk
2
nextcloud notes
2
nextcloud openid connect user backend
2
nextcloud preferred providers
2
nextcloud talk android
2
nextcloud user oidc
2
nextcloud files access control
1
nextcloud officeonline
1
nextcloud server
1
nextcloud social
1
nextcloud sso \& saml authentication
1
nextcloud zipper
1
Nextcloud Nextcloud ServerNextcloud Server is missing password confirmation when changing external storage options
5.4
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server has a potential hash collision for background jobs could skip queuing them
5.3
First published (updated )
Nextcloud Nextcloud MailBlind SSRF in the Nextcloud Mail app on avatar endpoint
5.3
First published (updated )
Nextcloud ContactsNextcloud Contacts photos only sanitized if mime type is all lower case
4.3
First published (updated )
Nextcloud calendarError in calendar when booking an appointment reveals the full path of the website
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerNextcloud Server's global credentials of external storages are sent back to the frontend
5.9
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server's shares are not removed when user is limited to share with in their groups and being removed from one of them
4.3
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server user_ldap app logs user passwords in the log file on level debug
4.4
First published (updated )
Nextcloud calendarCalendar app returns full stacktrace when an error happens while editing appointment
6.5
First published (updated )
Nextcloud DeckNextcloud Deck card vulnerable to data leak to unauthorized users via reference preview cache
5.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud ServerTwo-Factor Authentication not enforced for pages marked as public
6.5
First published (updated )
Nextcloud Nextcloud MailBypass of image blocking in Nextcloud Mail
4.3
First published (updated )
Nextcloud DeckCross-site Scripting when sending HTML as a comment in the Nextcloud Deck app
5.4
EPSS
0.05%
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server vulnerable to open redirect on "Unsupported browser" warning
6.1
First published (updated )
Nextcloud guestsAll users can reset the allowed apps list for Nextcloud Guest App users
4.3
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud Nextcloud ServerNextcloud Server HTML injection in search UI when selecting a circle with HTML in the display name
5.4
First published (updated )
Nextcloud Nextcloud ServerMissing brute force protection on password reset token OAuth2 API controller
5.8
First published (updated )
Nextcloud Nextcloud ServerText does not respect "Allow download" permissions
4.3
First published (updated )
Nextcloud Nextcloud ServerAdvanced permissions not respected when copying entire group folders
6.5
First published (updated )
Nextcloud Nextcloud ServerExistence of calendars and address books can be checked by unauthenticated users
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud NotesNotes attachment render HTML in preview mode
6.1
First published (updated )
Nextcloud User OIDCIssuer not verified from obtained token in user_oidc
4.8
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server before 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User-Controll…
5.7
First published (updated )
Nextcloud Nextcloud ServerRate limiter not working reliable when Memcached is installed in Nextcloud
4.3
First published (updated )
Nextcloud talkPassword of talk conversations can be bruteforced in Nextcloud
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Nextcloud calendarInviting excessive long email addresses to a calendar event makes the Nextcloud server unresponsive
4.3
First published (updated )
Nextcloud mailRequire strict cookies for image proxy requests in Nextcloud Mail
4.3
First published (updated )
Nextcloud Nextcloud ServerWorkflows do not require password confirmation on API level
5.4
First published (updated )
Nextcloud Nextcloud ServerNextcloud Server's users can delete old versions of read-only shared files
5.4
First published (updated )
Nextcloud DeckNextcloud Deck can access comments and attachments of deleted cards
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.