nextcloud

359 tracked vulnerabilities.

CVE-2023-35171 MEDIUM
Nextcloud Server 26.0.0-26.0.1 - Open Redirect via Crafted URL
Jun 23, 2023
CVSS 4.1
EPSS 0.00
CVE-2023-32320 HIGH
Nextcloud Server 21.0.0-21.0.9.11 25.0.0-25.0.6 - Brute Force Attack via Parallel Request Bypass
Jun 22, 2023
CVSS 8.7
EPSS 0.01
CVE-2023-33183 LOW
Nextcloud Calendar <4.2.3 - Info Disclosure
May 30, 2023
CVSS 2.6
EPSS 0.00
CVE-2023-33182 NONE
Nextcloud Contacts 4.1.0-4.2.3 - Improper Input Validation in SVG Avatar Rendering
May 30, 2023
EPSS 0.00
CVE-2023-33184 LOW
Nextcloud Mail 1.13.0-1.15.2 - Server-Side Request Forgery
May 27, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-32319 HIGH
Nextcloud Server 24.0.0-24.0.10 - Unauthenticated Brute-Force Attack via WebDAV Basic Auth Header
May 26, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-31128 HIGH
NextCloud Cookbook <commit - Command Injection
May 26, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-32318 HIGH
Nextcloud Server - Insufficient Session Expiration via Text App Session Handling
May 26, 2023
CVSS 7.2
EPSS 0.00
CVE-2023-32074 HIGH
Nextcloud user_oidc < 1.3.2 - Authentication Bypass
May 25, 2023
CVSS 8.0
EPSS 0.00
CVE-2023-28847 LOW
Nextcloud Server <24.0.11 & <25.0.5 - Info Disclosure
Apr 25, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-30540 LOW
Nextcloud Talk 15.0.0-15.0.5 - Exposure of Sensitive Information via Deleted Conversation Data
Apr 17, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-30539 MEDIUM
Nextcloud Files Automated Tagging 1.14.0-1.14.1 - Improper Access Control
Apr 17, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-29000 MEDIUM
Nextcloud Desktop <3.7.0 - Info Disclosure
Apr 04, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-28999 MEDIUM
Nextcloud <3.8.0-<4.8.0 - Privilege Escalation
Apr 04, 2023
CVSS 6.9
EPSS 0.01
CVE-2023-28998 MEDIUM
Nextcloud Desktop Client <3.6.5 - Privilege Escalation
Apr 04, 2023
CVSS 6.7
EPSS 0.01
CVE-2023-28997 MEDIUM
Nextcloud Desktop Client <3.6.5 - Info Disclosure
Apr 04, 2023
CVSS 6.7
EPSS 0.01
CVE-2023-28848 MEDIUM
Nextcloud user_oidc 1.0.0-1.3.0 - Cross-Site Request Forgery via State Token Bypass
Apr 04, 2023
CVSS 4.8
EPSS 0.00
CVE-2023-28834 LOW
Nextcloud Server <24.0.6 & 25.0.4 - Info Disclosure
Apr 03, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-28845 LOW
Nextcloud talk <14.0.9-15.0.4 - Info Disclosure
Mar 31, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-28844 MEDIUM
Nextcloud Server 24.0.4-24.0.9 - Improper Access Control via File Version Download
Mar 31, 2023
CVSS 5.7
EPSS 0.00
CVE-2023-28645 MEDIUM
Nextcloud richdocuments <8.0.0-beta.1-6.3.2 - Auth Bypass
Mar 31, 2023
CVSS 5.7
EPSS 0.00
CVE-2023-28835 LOW
Nextcloud <24.0.10-25.0.4 - Info Disclosure
Mar 30, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-28833 LOW
Nextcloud <24.0.10, <25.0.4 - Info Disclosure
Mar 30, 2023
CVSS 2.4
EPSS 0.01
CVE-2023-28647 MEDIUM
Nextcloud iOS <4.7.0 - Privilege Escalation
Mar 30, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-28646 MEDIUM
Nextcloud android <3.24.1 - Info Disclosure
Mar 30, 2023
CVSS 4.4
EPSS 0.00
Products
nextcloud_server 181 nextcloud 28 desktop 27 talk 20 deck 17 mail 15 Nextcloud Server 12 calendar 9 richdocuments 8 contacts 7 user_oidc 7 nextcloud_enterprise_server 6 tables 5 circles 3 group_folders 3 Flow 2 end-to-end_encryption 2 guests 2 news 2 nextcloud_talk 2 notes 2 openid_connect_user_backend 2 preferred_providers 2 server 2 social 2 Nextcloud 1 approval 1 cookbook 1 dialogs 1 extract 1
Quick Filters
Critical CVEs With Exploits In CISA KEV