Filter
AND
AND

Nextcloud Nextcloud ServerNextcloud Server's users can delete old versions of read-only shared files

First published (updated )

Nextcloud Nextcloud ServerNextcloud Server's read-only users can restore old versions

First published (updated )

Nextcloud Nextcloud ServerWorkflows do not require password confirmation on API level

First published (updated )

Nextcloud Nextcloud ServerNextcloud Server user_ldap app logs user passwords in the log file on level debug

First published (updated )

Nextcloud Nextcloud ServerNextcloud Server vulnerable to attacker enabling/disabling birthday calendar for any user

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Nextcloud Nextcloud ServerNextcloud Server vulnerable to Self XSS when pasting HTML into Text app with Ctrl+Shift+V

First published (updated )

Nextcloud Nextcloud ServerNextcloud Server HTML injection in search UI when selecting a circle with HTML in the display name

First published (updated )

Nextcloud Nextcloud ServerRate limiter not working reliable when Memcached is installed in Nextcloud

First published (updated )

Nextcloud Nextcloud ServerText does not respect "Allow download" permissions

First published (updated )

Nextcloud Nextcloud ServerExistence of calendars and address books can be checked by unauthenticated users

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Nextcloud Nextcloud ServerMissing brute force protection on password reset token OAuth2 API controller

First published (updated )

Nextcloud Nextcloud ServerAdvanced permissions not respected when copying entire group folders

First published (updated )

Nextcloud Nextcloud ServerNextcloud Server vulnerable to open redirect on "Unsupported browser" warning

First published (updated )

Nextcloud Nextcloud ServerFull path of data directory exposed to Nextcloud server users

First published (updated )

Nextcloud Nextcloud ServerUser without download rights can download older version of that file in nextcloud server

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Nextcloud Nextcloud Servernextcloud vulnerable to Uncontrolled Resource Consumption

First published (updated )

Nextcloud Nextcloud ServerNextcloud Server vulnerable to SSRF via filter bypass due to lax checking on IPs

First published (updated )

Nextcloud Nextcloud ServerNextcloud Server's missing rate limiting on password reset functionality allows sending lots of emails

First published (updated )

Nextcloud Nextcloud ServerNextcloud Server previews are accessible without a watermark

First published (updated )

Nextcloud Nextcloud ServerNextcloud Server's disabled download shares still allow download through preview images

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Nextcloud Nextcloud ServerNextcloud Server's calendar name length not validated before writing to database

First published (updated )

Nextcloud Nextcloud Enterprise ServerMissing length validation of user displayname in nextcloud server

First published (updated )

Nextcloud Nextcloud Enterprise ServerDatabase resource exhaustion for logged-in users via sharee recommendations with circles

First published (updated )

Nextcloud Nextcloud Enterprise ServerException logging in Sharepoint app reveals clear-text connection details

First published (updated )

Nextcloud Nextcloud Enterprise ServerProfile of disabled user stays accessible

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Nextcloud Nextcloud Enterprise ServerServer-Side Request Forgery (SSRF) via potential filter bypass in Nextcloud Server

First published (updated )

Nextcloud Nextcloud ServerMissing brute force protection on cloud federation sharing in Nextcloud Server

First published (updated )

Nextcloud Nextcloud ServerSMTP Command Injection in iCalendar Attachments to emails via newlines in Nextcloud Server

First published (updated )

Nextcloud Nextcloud ServerImproper input-size validation on the user new session name in Nextcloud Server

First published (updated )

Nextcloud Nextcloud ServerBypass of password requirements when sharing a folder via the Circles app in Nextcloud Server

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203