Nextcloud

354 tracked vulnerabilities.

CVE-2024-52514 MEDIUM
Nextcloud Server < 21.0.9.18 - Improper Access Control
Nov 15, 2024
CVSS 4.1
EPSS 0.00
CVE-2024-52513 LOW
Nextcloud Server < 25.0.13.13 - Information Disclosure
Nov 15, 2024
CVSS 2.6
EPSS 0.00
CVE-2024-52512 LOW
Nextcloud User Oidc < 6.1.0 - Open Redirect
Nov 15, 2024
CVSS 3.3
EPSS 0.00
CVE-2024-52511 MEDIUM
Nextcloud Tables < 0.8.0 - IDOR
Nov 15, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-52510 MEDIUM
Nextcloud Desktop < 3.14.2 - Improper Certificate Validation
Nov 15, 2024
CVSS 4.2
EPSS 0.00
CVE-2024-52509 LOW
Nextcloud Mail < 2.2.10 - Improper Access Control
Nov 15, 2024
CVSS 3.5
EPSS 0.00
CVE-2024-52508 HIGH
Nextcloud Mail < 1.14.6 - Information Disclosure
Nov 15, 2024
CVSS 8.2
EPSS 0.00
CVE-2024-52507 LOW
Nextcloud Tables < 0.8.1 - IDOR
Nov 15, 2024
CVSS 3.5
EPSS 0.00
CVE-2024-52525 LOW
Nextcloud Server < 28.0.12 - Cleartext Storage
Nov 15, 2024
CVSS 1.8
EPSS 0.01
CVE-2024-52523 MEDIUM
Nextcloud Server < 25.0.13.14 - Information Disclosure
Nov 15, 2024
CVSS 4.6
EPSS 0.00
CVE-2024-52521 LOW
Nextcloud Server <28.0.10-30.0.0 - Info Disclosure
Nov 15, 2024
CVSS 2.6
EPSS 0.01
CVE-2024-52520 MEDIUM
Nextcloud Server < 27.1.11.8 - Denial of Service
Nov 15, 2024
CVSS 5.7
EPSS 0.01
CVE-2024-52519 LOW
Nextcloud Server - Info Disclosure
Nov 15, 2024
CVSS 2.7
EPSS 0.01
CVE-2024-52518 MEDIUM
Nextcloud Server < 28.0.12 - Incorrect Authorization
Nov 15, 2024
CVSS 4.4
EPSS 0.00
CVE-2024-52517 MEDIUM
Nextcloud Server < 25.0.13.13 - Information Disclosure
Nov 15, 2024
CVSS 4.6
EPSS 0.01
CVE-2024-52516 LOW
Nextcloud Server < 26.0.13.9 - Improper Privilege Management
Nov 15, 2024
CVSS 3.0
EPSS 0.00
CVE-2024-52515 MEDIUM
Nextcloud Server <27.1.10,28.0.6,29.0.1 - Path Traversal
Nov 15, 2024
CVSS 5.7
EPSS 0.01
CVE-2024-46958 CRITICAL
Nextcloud Desktop Client <3.13.4 - Info Disclosure
Sep 16, 2024
CVSS 9.1
EPSS 0.00
CVE-2024-37887 LOW
Nextcloud Server < 27.1.10 - Improper Access Control
Jun 14, 2024
CVSS 3.5
EPSS 0.01
CVE-2024-37886 MEDIUM
Nextcloud User Oidc < 1.3.5 - Signature Verification Bypass
Jun 14, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-37885 LOW
Nextcloud Desktop < 3.12.0 - Code Injection
Jun 14, 2024
CVSS 3.8
EPSS 0.00
CVE-2024-37884 LOW
Nextcloud Server < 25.0.13.7 - Improper Access Control
Jun 14, 2024
CVSS 3.5
EPSS 0.00
CVE-2024-37883 MEDIUM
Nextcloud Deck < 1.6.6 - Improper Access Control
Jun 14, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-37882 HIGH
Nextcloud Server < 26.0.13 - Improper Access Control
Jun 14, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-37317 MEDIUM
Nextcloud Notes < 4.9.3 - Improper Access Control
Jun 14, 2024
CVSS 4.6
EPSS 0.00
Products
nextcloud_server 180 nextcloud 28 desktop 27 talk 20 deck 17 mail 15 calendar 9 richdocuments 8 user_oidc 7 contacts 7 nextcloud_enterprise_server 6 tables 5 group_folders 3 circles 3 notes 2 end-to-end_encryption 2 nextcloud_talk 2 guests 2 social 2 preferred_providers 2 server 2 openid_connect_user_backend 2 zipper 1 cookbook 1 dialogs 1 extract 1 files_access_control 1 global_site_selector 1 lookup-server 1 news 1
Quick Filters
Critical CVEs With Exploits In CISA KEV