Filter
AND

Nextcloud Nextcloud ServerNextcloud Server user_ldap app logs user passwords in the log file on level debug

First published (updated )

Nextcloud calendarCalendar app returns full stacktrace when an error happens while editing appointment

First published (updated )

Nextcloud DeckNextcloud Deck card vulnerable to data leak to unauthorized users via reference preview cache

First published (updated )

Nextcloud ServerTwo-Factor Authentication not enforced for pages marked as public

First published (updated )

Nextcloud Nextcloud MailSSRF

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Nextcloud Nextcloud MailBypass of image blocking in Nextcloud Mail

First published (updated )

Nextcloud DeckCross-site Scripting when sending HTML as a comment in the Nextcloud Deck app

EPSS
0.05%
First published (updated )

Nextcloud Nextcloud ServerNextcloud Server vulnerable to open redirect on "Unsupported browser" warning

First published (updated )

Nextcloud guestsAll users can reset the allowed apps list for Nextcloud Guest App users

EPSS
0.05%
First published (updated )

Nextcloud Nextcloud ServerNextcloud Server HTML injection in search UI when selecting a circle with HTML in the display name

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Nextcloud Nextcloud ServerMissing brute force protection on password reset token OAuth2 API controller

First published (updated )

Nextcloud Nextcloud ServerText does not respect "Allow download" permissions

First published (updated )

Nextcloud Nextcloud ServerAdvanced permissions not respected when copying entire group folders

First published (updated )

Nextcloud Nextcloud ServerExistence of calendars and address books can be checked by unauthenticated users

First published (updated )

Nextcloud NotesNotes attachment render HTML in preview mode

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Nextcloud User OidcIssuer not verified from obtained token in user_oidc

First published (updated )

Nextcloud Nextcloud ServerNextcloud Server before 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User-Controll…

First published (updated )

Nextcloud Nextcloud ServerRate limiter not working reliable when Memcached is installed in Nextcloud

First published (updated )

Nextcloud talkPassword of talk conversations can be bruteforced in Nextcloud

First published (updated )

Nextcloud calendarInviting excessive long email addresses to a calendar event makes the Nextcloud server unresponsive

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Nextcloud mailRequire strict cookies for image proxy requests in Nextcloud Mail

First published (updated )

Nextcloud Nextcloud ServerWorkflows do not require password confirmation on API level

First published (updated )

Nextcloud Nextcloud ServerNextcloud Server's users can delete old versions of read-only shared files

First published (updated )

Nextcloud DeckNextcloud Deck can access comments and attachments of deleted cards

First published (updated )

Nextcloud NotesNextcloud Notes app can be tricked into using a received share created before the user logged in

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Nextcloud calendarNextcloud Calendar's event create can create attachments that link to other websites

First published (updated )

Nextcloud Nextcloud ServerNextcloud Server's read-only users can restore old versions

First published (updated )

Nextcloud Nextcloud ServerNextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from conte…

First published (updated )

ownCloud owncloudXSS

First published (updated )

Nextcloud Nextcloud ServerNextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from conte…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203