Skip to main content

Nextcloud

359 CVEs product

Monthly

CVE-2022-41970 MEDIUM PATCH This Month

Nextcloud Server is an open source personal cloud server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Authentication Bypass Nextcloud Server
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-41969 LOW PATCH Monitor

Nextcloud Server is an open source personal cloud server. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Nextcloud Denial Of Service Nextcloud Server
NVD GitHub
CVSS 3.1
2.7
EPSS
0.8%
CVE-2022-41968 MEDIUM PATCH This Month

Nextcloud Server is an open source personal cloud server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Nextcloud Denial Of Service Nextcloud Server
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2022-39333 MEDIUM POC PATCH This Month

Nexcloud desktop is the Desktop sync client for Nextcloud. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Nextcloud XSS Desktop
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2022-39332 MEDIUM POC PATCH This Month

Nexcloud desktop is the Desktop sync client for Nextcloud. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Nextcloud XSS Desktop
NVD GitHub
CVSS 3.1
5.4
EPSS
0.9%
CVE-2022-41926 MEDIUM PATCH This Month

Nextcould talk android is the android OS implementation of the nextcloud talk chat system. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Nextcloud Information Disclosure Google Talk
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-39346 MEDIUM PATCH This Month

Nextcloud server is an open source personal cloud server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Denial Of Service Nextcloud Enterprise Server Nextcloud Server Fedora
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2022-39339 MEDIUM PATCH This Month

user_oidc is an OpenID Connect user backend for Nextcloud. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Information Disclosure Openid Connect User Backend
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2022-39338 MEDIUM PATCH This Month

user_oidc is an OpenID Connect user backend for Nextcloud. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Apple XSS Openid Connect User Backend
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-39334 MEDIUM POC PATCH This Month

Nextcloud also ships a CLI utility called nextcloudcmd which is sometimes used for automated scripting and headless servers. Rated medium severity (CVSS 4.7). Public exploit code available.

Nextcloud Information Disclosure Desktop
NVD GitHub
CVSS 3.1
4.7
EPSS
0.2%
CVE-2022-39331 MEDIUM POC PATCH This Month

Nexcloud desktop is the Desktop sync client for Nextcloud. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Nextcloud XSS Desktop
NVD GitHub
CVSS 3.1
5.4
EPSS
0.9%
CVE-2022-41882 HIGH PATCH This Week

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Nextcloud RCE Microsoft Code Injection Desktop
NVD GitHub
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-39364 MEDIUM POC PATCH This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Microsoft Nextcloud Information Disclosure Nextcloud Enterprise Server Nextcloud Server
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-39330 MEDIUM PATCH This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Nextcloud Denial Of Service Nextcloud Enterprise Server Nextcloud Server
NVD GitHub
CVSS 3.1
4.3
EPSS
0.8%
CVE-2022-39329 MEDIUM PATCH This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Nextcloud Nextcloud Enterprise Server Nextcloud Server
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-39212 MEDIUM PATCH This Month

Nextcloud Talk is an open source chat, video & audio calls client for the Nextcloud platform. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Nextcloud Talk
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2022-39210 MEDIUM PATCH This Month

Nextcloud android is the official Android client for the Nextcloud home server platform. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Google Nextcloud Path Traversal
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-39211 MEDIUM PATCH This Month

Nextcloud server is an open source personal cloud platform. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Nextcloud Nextcloud Enterprise Server Nextcloud Server
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-36075 MEDIUM PATCH This Month

Nextcloud files access control is a nextcloud app to manage access control for files. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Nextcloud Files Access Control
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2022-36074 HIGH PATCH This Week

Nextcloud server is an open source personal cloud product. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Nextcloud Nextcloud Enterprise Server Nextcloud Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2022-35931 LOW PATCH Monitor

Nextcloud Password Policy is an app that enables a Nextcloud server admin to define certain rules for passwords. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Information Disclosure Password Policy
NVD GitHub
CVSS 3.1
2.7
EPSS
0.4%
CVE-2022-35932 MEDIUM PATCH This Month

Nextcloud Talk is a video and audio conferencing app for Nextcloud. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Talk
NVD GitHub
CVSS 3.1
5.3
EPSS
1.1%
CVE-2022-31119 MEDIUM PATCH This Month

Nextcloud Mail is an email application for the nextcloud personal cloud product. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Information Disclosure Mail
NVD GitHub
CVSS 3.1
4.9
EPSS
0.6%
CVE-2022-31132 CRITICAL Act Now

Nextcloud Mail is an email application for the nextcloud personal cloud product. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Nextcloud PHP Mail
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-31120 LOW PATCH Monitor

Nextcloud server is an open source personal cloud solution. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Information Disclosure Nextcloud Server
NVD GitHub
CVSS 3.1
2.7
EPSS
0.7%
CVE-2022-31118 MEDIUM PATCH This Month

Nextcloud server is an open source personal cloud solution. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Nextcloud PHP Denial Of Service Nextcloud Server
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-31131 MEDIUM POC PATCH This Month

Nextcloud mail is a Mail app for the Nextcloud home server product. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Nextcloud Nextcloud Mail
NVD GitHub
CVSS 3.1
4.3
EPSS
0.7%
CVE-2022-31014 LOW POC PATCH Monitor

Nextcloud server is an open source personal cloud server. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Command Injection Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
3.5
EPSS
2.4%
CVE-2022-31024 MEDIUM PATCH This Month

richdocuments is the repository for NextCloud Collabra, the app for Nextcloud Office collaboration. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Nextcloud Richdocuments
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-29243 MEDIUM PATCH This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
4.3
EPSS
1.4%
CVE-2022-29163 MEDIUM PATCH This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
4.3
EPSS
1.0%
CVE-2022-29160 LOW POC PATCH Monitor

Nextcloud Android is the Android client for Nextcloud, a self-hosted productivity platform. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Google Authentication Bypass Nextcloud
NVD GitHub
CVSS 3.1
3.3
EPSS
0.4%
CVE-2022-29159 MEDIUM POC PATCH This Month

Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Nextcloud Deck
NVD GitHub
CVSS 3.1
4.3
EPSS
0.9%
CVE-2022-24906 MEDIUM POC PATCH This Month

Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Nextcloud Information Disclosure Deck
NVD GitHub
CVSS 3.1
4.3
EPSS
1.0%
CVE-2022-24890 MEDIUM POC PATCH This Month

Nextcloud Talk is a video and audio conferencing app for Nextcloud. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Nextcloud Information Disclosure Talk
NVD GitHub
CVSS 3.1
4.3
EPSS
0.9%
CVE-2022-24889 MEDIUM POC This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
4.3
EPSS
0.6%
CVE-2022-24888 MEDIUM PATCH This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Code Injection Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
4.3
EPSS
1.2%
CVE-2022-24887 MEDIUM POC PATCH This Month

Nextcloud Talk is a video and audio conferencing app for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Nextcloud Talk
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2022-24886 LOW Monitor

Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.

Google Nextcloud Information Disclosure
NVD GitHub
CVSS 3.1
3.8
EPSS
0.4%
CVE-2022-24885 LOW POC PATCH Monitor

Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Google Authentication Bypass Nextcloud
NVD GitHub
CVSS 3.1
2.4
EPSS
0.5%
CVE-2022-24838 CRITICAL PATCH Act Now

Nextcloud Calendar is a calendar application for the nextcloud framework. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Command Injection Nextcloud Calendar
NVD GitHub
CVSS 3.1
9.8
EPSS
32.3%
CVE-2022-24741 MEDIUM POC PATCH This Month

Nextcloud server is an open source, self hosted cloud style services platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Nextcloud Nextcloud Server
NVD GitHub
CVSS 3.1
6.5
EPSS
1.6%
CVE-2021-41256 HIGH POC PATCH This Week

nextcloud news-android is an Android client for the Nextcloud news/feed reader app. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Google Nextcloud Information Disclosure News
NVD GitHub
CVSS 3.1
7.1
EPSS
1.1%
CVE-2021-39222 MEDIUM This Month

Nextcloud is an open-source, self-hosted productivity platform. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nextcloud XSS Talk
NVD GitHub
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-41179 MEDIUM PATCH This Month

Nextcloud is an open-source, self-hosted productivity platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Information Disclosure Server
NVD GitHub
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-41178 MEDIUM PATCH This Month

Nextcloud is an open-source, self-hosted productivity platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud XSS Server
NVD GitHub
CVSS 3.1
6.5
EPSS
1.7%
CVE-2021-41177 HIGH PATCH This Week

Nextcloud is an open-source, self-hosted productivity platform. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud PHP Information Disclosure Nextcloud Server
NVD GitHub
CVSS 3.1
8.1
EPSS
1.5%
CVE-2021-39225 HIGH PATCH This Week

Nextcloud is an open-source, self-hosted productivity platform. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Authentication Bypass Deck
NVD GitHub
CVSS 3.1
8.1
EPSS
1.3%
CVE-2021-39224 MEDIUM PATCH This Month

Nextcloud is an open-source, self-hosted productivity platform. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Nextcloud Information Disclosure Officeonline
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2021-39223 MEDIUM PATCH This Month

Nextcloud is an open-source, self-hosted productivity platform. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Nextcloud Information Disclosure Richdocuments
NVD GitHub
CVSS 3.1
5.3
EPSS
1.0%
CVE-2021-39221 MEDIUM This Month

Nextcloud is an open-source, self-hosted productivity platform. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Nextcloud XSS Contacts
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-39220 LOW PATCH Monitor

Nextcloud is an open-source, self-hosted productivity platform The Nextcloud Mail application prior to versions 1.10.4 and 1.11.0 does by default not render images in emails to not leak the read. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Information Disclosure Mail
NVD GitHub
CVSS 3.1
3.5
EPSS
0.8%
CVE-2021-32802 CRITICAL Act Now

Nextcloud server is an open source, self hosted personal cloud. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nextcloud PHP Information Disclosure Nextcloud Server
NVD GitHub
CVSS 3.1
9.8
EPSS
2.6%
CVE-2021-32801 MEDIUM This Month

Nextcloud server is an open source, self hosted personal cloud. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Nextcloud Information Disclosure Nextcloud Server
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-32800 HIGH PATCH This Week

Nextcloud server is an open source, self hosted personal cloud. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Nextcloud Authentication Bypass Nextcloud Server
NVD GitHub
CVSS 3.1
8.1
EPSS
1.8%
CVE-2021-37629 MEDIUM This Month

Nextcloud Richdocuments is an open source collaborative office suite. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nextcloud Microsoft Information Disclosure Richdocuments
NVD GitHub
CVSS 3.1
5.3
EPSS
1.4%
CVE-2021-37628 HIGH PATCH This Week

Nextcloud Richdocuments is an open source collaborative office suite. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Nextcloud Authentication Bypass Richdocuments
NVD GitHub
CVSS 3.1
7.5
EPSS
2.1%
CVE-2021-32766 MEDIUM PATCH This Month

Nextcloud Text is an open source plaintext editing application which ships with the nextcloud server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Nextcloud Server
NVD GitHub
CVSS 3.1
5.3
EPSS
1.3%
CVE-2021-37631 MEDIUM PATCH This Month

Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Authentication Bypass Deck
NVD GitHub
CVSS 3.1
6.5
EPSS
1.3%
CVE-2021-37630 MEDIUM PATCH This Month

Nextcloud Circles is an open source social network built for the nextcloud ecosystem. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Authentication Bypass Circles
NVD GitHub
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-32782 MEDIUM PATCH This Month

Nextcloud Circles is an open source social network built for the nextcloud ecosystem. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Nextcloud XSS Circles
NVD GitHub
CVSS 3.1
5.4
EPSS
0.8%
CVE-2021-37617 HIGH PATCH This Week

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Nextcloud Information Disclosure Desktop
NVD GitHub
CVSS 3.1
7.3
EPSS
0.5%
CVE-2021-32728 MEDIUM POC PATCH This Month

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Nextcloud Information Disclosure Desktop Debian Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2021-32748 MEDIUM This Month

Nextcloud Richdocuments in an open source self hosted online office. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Nextcloud Authentication Bypass Richdocuments
NVD GitHub
CVSS 3.1
4.3
EPSS
1.0%
CVE-2021-32741 MEDIUM PATCH This Month

Nextcloud Server is a Nextcloud package that handles data storage. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Nextcloud Server
NVD GitHub
CVSS 3.1
5.3
EPSS
1.3%
CVE-2021-32734 MEDIUM PATCH This Month

Nextcloud Server is a Nextcloud package that handles data storage. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Nextcloud Server
NVD GitHub
CVSS 3.1
5.3
EPSS
1.4%
CVE-2021-32733 MEDIUM PATCH This Month

Nextcloud Text is a collaborative document editing application that uses Markdown. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Nextcloud XSS Nextcloud Server
NVD GitHub
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-32727 HIGH This Week

Nextcloud Android Client is the Android client for Nextcloud. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Nextcloud Information Disclosure
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2021-32726 CRITICAL Act Now

Nextcloud Server is a Nextcloud package that handles data storage. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nextcloud Information Disclosure Nextcloud Server
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
CVE-2021-32725 MEDIUM PATCH This Month

Nextcloud Server is a Nextcloud package that handles data storage. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Nextcloud Server
NVD GitHub
CVSS 3.1
5.3
EPSS
1.2%
CVE-2021-32707 MEDIUM POC PATCH This Month

Nextcloud Mail is a mail app for Nextcloud. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Nextcloud Information Disclosure Mail
NVD GitHub
CVSS 3.1
4.3
EPSS
1.1%
CVE-2021-32689 MEDIUM PATCH This Month

Nextcloud Talk is a fully on-premises audio/video and chat communication service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Nextcloud Information Disclosure Talk
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-32705 HIGH PATCH This Week

Nextcloud Server is a Nextcloud package that handles data storage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Nextcloud Server Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-32703 MEDIUM PATCH This Month

Nextcloud Server is a Nextcloud package that handles data storage. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Nextcloud Server Fedora
NVD GitHub
CVSS 3.1
5.3
EPSS
1.5%
CVE-2021-32688 HIGH PATCH This Week

Nextcloud Server is a Nextcloud package that handles data storage. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Authentication Bypass Nextcloud Server Fedora
NVD GitHub
CVSS 3.1
8.8
EPSS
2.3%
CVE-2021-32680 LOW PATCH Monitor

Nextcloud Server is a Nextcloud package that handles data storage. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Nextcloud Information Disclosure Nextcloud Server Fedora
NVD GitHub
CVSS 3.1
3.3
EPSS
0.4%
CVE-2021-32679 HIGH PATCH This Week

Nextcloud Server is a Nextcloud package that handles data storage. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Nextcloud Server Fedora
NVD GitHub
CVSS 3.1
8.8
EPSS
1.4%
CVE-2021-32678 MEDIUM PATCH This Month

Nextcloud Server is a Nextcloud package that handles data storage. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Authentication Bypass Nextcloud Server Fedora
NVD GitHub
CVSS 3.1
5.3
EPSS
1.4%
CVE-2021-32694 MEDIUM POC PATCH This Month

Nextcloud Android app is the Android client for Nextcloud. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Google Nextcloud Denial Of Service
NVD GitHub
CVSS 3.1
5.5
EPSS
1.0%
CVE-2021-32695 LOW POC PATCH Monitor

Nextcloud Android app is the Android client for Nextcloud. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Google Nextcloud Information Disclosure
NVD GitHub
CVSS 3.1
3.3
EPSS
0.9%
CVE-2021-32676 MEDIUM This Month

Nextcloud Talk is a fully on-premises audio/video and chat communication service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Nextcloud Session Fixation Talk
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2021-22915 CRITICAL Act Now

Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nextcloud Authentication Bypass Nextcloud Server Fedora
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-22913 MEDIUM This Month

Nextcloud Deck before 1.2.7, 1.4.1 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only the local Nextcloud server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nextcloud Information Disclosure Deck
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2021-22912 MEDIUM POC This Month

Nextcloud iOS before 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple Nextcloud Information Disclosure
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2021-22906 MEDIUM POC This Month

Nextcloud End-to-End Encryption before 1.5.3, 1.6.3 and 1.7.1 suffers from a denial of service vulnerability due to permitting any authenticated users to lock files of other users. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Nextcloud Denial Of Service End To End Encryption
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2021-22905 MEDIUM POC This Month

Nextcloud Android App (com.nextcloud.client) before v3.16.0 is vulnerable to information disclosure due to searches for sharees being performed by default on the lookup server instead of only using. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Nextcloud Information Disclosure
NVD GitHub
CVSS 3.1
6.5
EPSS
1.4%
CVE-2021-22896 MEDIUM PATCH This Month

Nextcloud Mail before 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Nextcloud Authentication Bypass
NVD GitHub
CVSS 3.1
4.3
EPSS
1.0%
CVE-2021-22895 MEDIUM POC PATCH This Month

Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Nextcloud Information Disclosure Desktop Debian Linux
NVD GitHub
CVSS 3.1
5.9
EPSS
1.0%
CVE-2021-32658 MEDIUM POC PATCH This Month

Nextcloud Android is the Android client for the Nextcloud open source home cloud system. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Google Nextcloud Information Disclosure
NVD GitHub
CVSS 3.1
4.6
EPSS
0.3%
CVE-2021-32657 MEDIUM This Month

Nextcloud Server is a Nextcloud package that handles data storage. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Nextcloud Denial Of Service Nextcloud Server
NVD GitHub
CVSS 3.1
4.3
EPSS
1.8%
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Nextcloud Server is an open source personal cloud server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Authentication Bypass Nextcloud Server
NVD GitHub
EPSS 1% CVSS 2.7
LOW PATCH Monitor

Nextcloud Server is an open source personal cloud server. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Nextcloud Denial Of Service Nextcloud Server
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Nextcloud Server is an open source personal cloud server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Nextcloud Denial Of Service Nextcloud Server
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

Nexcloud desktop is the Desktop sync client for Nextcloud. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Nextcloud XSS Desktop
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Nexcloud desktop is the Desktop sync client for Nextcloud. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Nextcloud XSS Desktop
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Nextcould talk android is the android OS implementation of the nextcloud talk chat system. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Nextcloud Information Disclosure Google +1
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Nextcloud server is an open source personal cloud server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Denial Of Service Nextcloud Enterprise Server +2
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

user_oidc is an OpenID Connect user backend for Nextcloud. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Information Disclosure Openid Connect User Backend
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

user_oidc is an OpenID Connect user backend for Nextcloud. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Apple XSS +1
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM POC PATCH This Month

Nextcloud also ships a CLI utility called nextcloudcmd which is sometimes used for automated scripting and headless servers. Rated medium severity (CVSS 4.7). Public exploit code available.

Nextcloud Information Disclosure Desktop
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Nexcloud desktop is the Desktop sync client for Nextcloud. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Nextcloud XSS Desktop
NVD GitHub
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Nextcloud RCE Microsoft +2
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Microsoft Nextcloud Information Disclosure +2
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Nextcloud Denial Of Service Nextcloud Enterprise Server +1
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Nextcloud Nextcloud Enterprise Server +1
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Nextcloud Talk is an open source chat, video & audio calls client for the Nextcloud platform. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Nextcloud Talk
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Nextcloud android is the official Android client for the Nextcloud home server platform. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Google Nextcloud Path Traversal
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Nextcloud server is an open source personal cloud platform. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.

SSRF Nextcloud Nextcloud Enterprise Server +1
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Nextcloud files access control is a nextcloud app to manage access control for files. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Nextcloud Files Access Control
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Nextcloud server is an open source personal cloud product. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Nextcloud Nextcloud Enterprise Server +1
NVD GitHub
EPSS 0% CVSS 2.7
LOW PATCH Monitor

Nextcloud Password Policy is an app that enables a Nextcloud server admin to define certain rules for passwords. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Information Disclosure Password Policy
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Nextcloud Talk is a video and audio conferencing app for Nextcloud. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Talk
NVD GitHub
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Nextcloud Mail is an email application for the nextcloud personal cloud product. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Information Disclosure Mail
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL Act Now

Nextcloud Mail is an email application for the nextcloud personal cloud product. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Nextcloud PHP +1
NVD GitHub
EPSS 1% CVSS 2.7
LOW PATCH Monitor

Nextcloud server is an open source personal cloud solution. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Information Disclosure Nextcloud Server
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Nextcloud server is an open source personal cloud solution. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Nextcloud PHP Denial Of Service +1
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

Nextcloud mail is a Mail app for the Nextcloud home server product. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Nextcloud Nextcloud Mail
NVD GitHub
EPSS 2% CVSS 3.5
LOW POC PATCH Monitor

Nextcloud server is an open source personal cloud server. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Command Injection Nextcloud Nextcloud Server
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

richdocuments is the repository for NextCloud Collabra, the app for Nextcloud Office collaboration. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Microsoft Nextcloud +1
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Nextcloud Nextcloud Server
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Nextcloud Nextcloud Server
NVD GitHub
EPSS 0% CVSS 3.3
LOW POC PATCH Monitor

Nextcloud Android is the Android client for Nextcloud, a self-hosted productivity platform. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Google Authentication Bypass Nextcloud
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Nextcloud Deck
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Nextcloud Information Disclosure Deck
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

Nextcloud Talk is a video and audio conferencing app for Nextcloud. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Nextcloud Information Disclosure Talk
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM POC This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Nextcloud Nextcloud Server
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Code Injection Nextcloud Nextcloud Server
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

Nextcloud Talk is a video and audio conferencing app for Nextcloud, a self-hosted productivity platform. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Nextcloud Talk
NVD GitHub
EPSS 0% CVSS 3.8
LOW Monitor

Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.

Google Nextcloud Information Disclosure
NVD GitHub
EPSS 0% CVSS 2.4
LOW POC PATCH Monitor

Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Google Authentication Bypass Nextcloud
NVD GitHub
EPSS 32% CVSS 9.8
CRITICAL PATCH Act Now

Nextcloud Calendar is a calendar application for the nextcloud framework. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Command Injection Nextcloud Calendar
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC PATCH This Month

Nextcloud server is an open source, self hosted cloud style services platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Nextcloud Nextcloud Server
NVD GitHub
EPSS 1% CVSS 7.1
HIGH POC PATCH This Week

nextcloud news-android is an Android client for the Nextcloud news/feed reader app. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Google Nextcloud Information Disclosure +1
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM This Month

Nextcloud is an open-source, self-hosted productivity platform. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nextcloud XSS Talk
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Nextcloud is an open-source, self-hosted productivity platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Information Disclosure Server
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Nextcloud is an open-source, self-hosted productivity platform. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud XSS Server
NVD GitHub
EPSS 2% CVSS 8.1
HIGH PATCH This Week

Nextcloud is an open-source, self-hosted productivity platform. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud PHP Information Disclosure +1
NVD GitHub
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Nextcloud is an open-source, self-hosted productivity platform. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Authentication Bypass Deck
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Nextcloud is an open-source, self-hosted productivity platform. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Nextcloud Information Disclosure Officeonline
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Nextcloud is an open-source, self-hosted productivity platform. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Nextcloud Information Disclosure Richdocuments
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM This Month

Nextcloud is an open-source, self-hosted productivity platform. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Nextcloud XSS Contacts
NVD GitHub
EPSS 1% CVSS 3.5
LOW PATCH Monitor

Nextcloud is an open-source, self-hosted productivity platform The Nextcloud Mail application prior to versions 1.10.4 and 1.11.0 does by default not render images in emails to not leak the read. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Information Disclosure Mail
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL Act Now

Nextcloud server is an open source, self hosted personal cloud. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nextcloud PHP Information Disclosure +1
NVD GitHub
EPSS 0% CVSS 5.5
MEDIUM This Month

Nextcloud server is an open source, self hosted personal cloud. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Nextcloud Information Disclosure Nextcloud Server
NVD GitHub
EPSS 2% CVSS 8.1
HIGH PATCH This Week

Nextcloud server is an open source, self hosted personal cloud. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Nextcloud Authentication Bypass Nextcloud Server
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM This Month

Nextcloud Richdocuments is an open source collaborative office suite. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nextcloud Microsoft Information Disclosure +1
NVD GitHub
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Nextcloud Richdocuments is an open source collaborative office suite. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Nextcloud Authentication Bypass +1
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Nextcloud Text is an open source plaintext editing application which ships with the nextcloud server. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Nextcloud Server
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Authentication Bypass Deck
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Nextcloud Circles is an open source social network built for the nextcloud ecosystem. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Authentication Bypass Circles
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Nextcloud Circles is an open source social network built for the nextcloud ecosystem. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Nextcloud XSS Circles
NVD GitHub
EPSS 0% CVSS 7.3
HIGH PATCH This Week

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity.

Nextcloud Information Disclosure Desktop
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Nextcloud Information Disclosure Desktop +1
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM This Month

Nextcloud Richdocuments in an open source self hosted online office. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Nextcloud Authentication Bypass +1
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Nextcloud Server is a Nextcloud package that handles data storage. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Nextcloud Server
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Nextcloud Server is a Nextcloud package that handles data storage. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Nextcloud Server
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Nextcloud Text is a collaborative document editing application that uses Markdown. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Nextcloud XSS Nextcloud Server
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

Nextcloud Android Client is the Android client for Nextcloud. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Nextcloud Information Disclosure
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

Nextcloud Server is a Nextcloud package that handles data storage. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nextcloud Information Disclosure Nextcloud Server
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Nextcloud Server is a Nextcloud package that handles data storage. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Nextcloud Server
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM POC PATCH This Month

Nextcloud Mail is a mail app for Nextcloud. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Nextcloud Information Disclosure Mail
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Nextcloud Talk is a fully on-premises audio/video and chat communication service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Nextcloud Information Disclosure Talk
NVD GitHub
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Nextcloud Server is a Nextcloud package that handles data storage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Nextcloud Server +1
NVD GitHub
EPSS 2% CVSS 5.3
MEDIUM PATCH This Month

Nextcloud Server is a Nextcloud package that handles data storage. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Nextcloud Server +1
NVD GitHub
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Nextcloud Server is a Nextcloud package that handles data storage. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Authentication Bypass Nextcloud Server +1
NVD GitHub
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Nextcloud Server is a Nextcloud package that handles data storage. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Nextcloud Information Disclosure Nextcloud Server +1
NVD GitHub
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Nextcloud Server is a Nextcloud package that handles data storage. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Information Disclosure Nextcloud Server +1
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Nextcloud Server is a Nextcloud package that handles data storage. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Nextcloud Authentication Bypass Nextcloud Server +1
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM POC PATCH This Month

Nextcloud Android app is the Android client for Nextcloud. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Google Nextcloud Denial Of Service
NVD GitHub
EPSS 1% CVSS 3.3
LOW POC PATCH Monitor

Nextcloud Android app is the Android client for Nextcloud. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Google Nextcloud Information Disclosure
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM This Month

Nextcloud Talk is a fully on-premises audio/video and chat communication service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Nextcloud Session Fixation +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nextcloud Authentication Bypass Nextcloud Server +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Nextcloud Deck before 1.2.7, 1.4.1 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only the local Nextcloud server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Nextcloud Information Disclosure Deck
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Nextcloud iOS before 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Apple Nextcloud Information Disclosure
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Nextcloud End-to-End Encryption before 1.5.3, 1.6.3 and 1.7.1 suffers from a denial of service vulnerability due to permitting any authenticated users to lock files of other users. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Nextcloud Denial Of Service End To End Encryption
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Nextcloud Android App (com.nextcloud.client) before v3.16.0 is vulnerable to information disclosure due to searches for sharees being performed by default on the lookup server instead of only using. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Nextcloud Information Disclosure
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Nextcloud Mail before 1.9.5 suffers from improper access control due to a missing permission check allowing other authenticated users to create mail aliases for other users. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Nextcloud Authentication Bypass
NVD GitHub
EPSS 1% CVSS 5.9
MEDIUM POC PATCH This Month

Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Nextcloud Information Disclosure Desktop +1
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM POC PATCH This Month

Nextcloud Android is the Android client for the Nextcloud open source home cloud system. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Google Nextcloud Information Disclosure
NVD GitHub
EPSS 2% CVSS 4.3
MEDIUM This Month

Nextcloud Server is a Nextcloud package that handles data storage. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Nextcloud Denial Of Service Nextcloud Server
NVD GitHub
Prev Page 3 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy