nextcloud

359 tracked vulnerabilities.

CVE-2018-16464 MEDIUM
Nextcloud Server < 14.0.0 - Unauthenticated Continued Access to Password-Protected Link Shares
Oct 30, 2018
CVSS 5.7
EPSS 0.00
CVE-2018-16463 LOW
Nextcloud Server <14.0.0-12.0.8 - Info Disclosure
Oct 30, 2018
CVSS 3.1
EPSS 0.00
CVE-2018-3781 MEDIUM
Nextcloud Talk < 3.2.5 - Stored Cross-Site Scripting via Autocomplete Search Results
Aug 13, 2018
CVSS 5.4
EPSS 0.00
CVE-2018-3780 MEDIUM
Nextcloud Server < 13.0.5 - Stored Cross-Site Scripting in Autocomplete Search Results
Aug 13, 2018
CVSS 5.4
EPSS 0.01
CVE-2018-3776 MEDIUM
Nextcloud Server 11.0.0-11.0.5 - Audit Log Bypass via Input Validation Issue
Aug 12, 2018
CVSS 5.3
EPSS 0.00
CVE-2018-3775 HIGH
Nextcloud Server < 12.0.3 - 2 Factor Authentication Bypass via Stolen Credentials
Aug 12, 2018
CVSS 8.8
EPSS 0.00
CVE-2018-3764 MEDIUM
Nextcloud Contacts < 2.1.2 - Stored Cross-Site Scripting in Autocomplete Group Name Search
Jul 05, 2018
CVSS 4.8
EPSS 0.00
CVE-2018-3763 MEDIUM
Nextcloud Calendar < 1.5.8 and 1.6.1 - Stored Cross-Site Scripting in Autocomplete Group Name Search
Jul 05, 2018
CVSS 4.8
EPSS 0.00
CVE-2018-3762 MEDIUM
Nextcloud Server < 12.0.8 - Improper Access Control via File Preview Request
Jul 05, 2018
CVSS 4.3
EPSS 0.00
CVE-2018-3761 HIGH
Nextcloud Server < 12.0.8 - Improper Authentication on OAuth2 Token Endpoint
Jul 05, 2018
CVSS 8.1
EPSS 0.01
CVE-2017-0936 MEDIUM
Nextcloud Server <11.0.7, 12.0.5 - Auth Bypass
Mar 28, 2018
CVSS 5.7
EPSS 0.00
CVE-2017-0895 LOW
Nextcloud Server <10.0.4,11.0.2 - Info Disclosure
May 08, 2017
CVSS 3.5
EPSS 0.00
CVE-2017-0894 MEDIUM
Nextcloud Server <11.0.3 - Info Disclosure
May 08, 2017
CVSS 4.3
EPSS 0.01
CVE-2017-0893 MEDIUM
Nextcloud Server <9.0.58, 10.0.5, 11.0.3 - XSS
May 08, 2017
CVSS 5.4
EPSS 0.00
CVE-2017-0892 LOW
Nextcloud Server <11.0.3 - Info Disclosure
May 08, 2017
CVSS 3.5
EPSS 0.00
CVE-2017-0891 MEDIUM
Nextcloud Server <9.0.58, 10.0.5, 11.0.3 - XSS
May 08, 2017
CVSS 5.4
EPSS 0.00
CVE-2017-0890 MEDIUM
Nextcloud Server < 11.0.3 - Stored Cross-Site Scripting in Search Module
May 08, 2017
CVSS 5.4
EPSS 0.00
CVE-2017-0888 MEDIUM
Nextcloud Server <9.0.55, 10.0.2 - Info Disclosure
Apr 05, 2017
CVSS 4.3
EPSS 0.01
CVE-2017-0887 MEDIUM
Nextcloud Server <9.0.55,10.0.2 - Auth Bypass
Apr 05, 2017
CVSS 4.3
EPSS 0.00
CVE-2017-0886 MEDIUM
Nextcloud Server <9.0.55,10.0.2 - DoS
Apr 05, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-0885 MEDIUM
Nextcloud Server <9.0.55, 10.0.2 - Info Disclosure
Apr 05, 2017
CVSS 4.3
EPSS 0.00
CVE-2017-0884 MEDIUM
Nextcloud Server <9.0.55,10.0.2 - Info Disclosure
Apr 05, 2017
CVSS 4.3
EPSS 0.00
CVE-2017-0883 MEDIUM
Nextcloud Server <9.0.55,10.0.2 - Privilege Escalation
Apr 05, 2017
CVSS 6.4
EPSS 0.00
CVE-2016-9468 MEDIUM
Nextcloud Server <9.0.54, 10.0.1 & ownCloud Server <9.0.6, 9.1.2 - Content Spoofing via DAV
Mar 28, 2017
CVSS 5.3
EPSS 0.00
CVE-2016-9467 MEDIUM
Nextcloud Server < 9.0.54 and 10.0.1 & ownCloud Server < 9.0.6 and 9.1.2 - Content Spoofing in Files App Location Bar
Mar 28, 2017
CVSS 5.3
EPSS 0.01
Products
nextcloud_server 181 nextcloud 28 desktop 27 talk 20 deck 17 mail 15 Nextcloud Server 12 calendar 9 richdocuments 8 contacts 7 user_oidc 7 nextcloud_enterprise_server 6 tables 5 circles 3 group_folders 3 Flow 2 end-to-end_encryption 2 guests 2 news 2 nextcloud_talk 2 notes 2 openid_connect_user_backend 2 preferred_providers 2 server 2 social 2 Nextcloud 1 approval 1 cookbook 1 dialogs 1 extract 1
Quick Filters
Critical CVEs With Exploits In CISA KEV