nextcloud

359 tracked vulnerabilities.

CVE-2022-31131 MEDIUM
Nextcloud mail <1.12.2 - Info Disclosure
Jul 06, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-31014 MEDIUM
Nextcloud Server < 19.0.13.7, < 22.2.8 - SMTP Command Injection via CRLF Injection
Jul 05, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-31024 MEDIUM
NextCloud Collabra <6.0.0, <5.0.4, <4.2.6 - Info Disclosure
Jun 02, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-29243 MEDIUM
Nextcloud Server <22.2.7-23.0.4 - Info Disclosure
May 31, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-29163 LOW
Nextcloud Server <22.2.6, 23.0.3 - Info Disclosure
May 20, 2022
CVSS 3.5
EPSS 0.01
CVE-2022-29160 LOW
Nextcloud Android <3.19.0 - Info Disclosure
May 20, 2022
CVSS 2.8
EPSS 0.00
CVE-2022-29159 MEDIUM
Nextcloud Deck <1.4.8-1.6.1 - Privilege Escalation
May 20, 2022
CVSS 5.0
EPSS 0.00
CVE-2022-24906 LOW
Nextcloud Deck < 1.2.11 - Unauthorized Sensitive Information Exposure via Full Path Disclosure
May 20, 2022
CVSS 3.5
EPSS 0.00
CVE-2022-24890 LOW
Nextcloud Talk < 13.0.5 - Unauthorized Exposure of Private Personal Information via Call Moderator Permissions
May 17, 2022
CVSS 2.4
EPSS 0.00
CVE-2022-24889 LOW
Nextcloud Server < 21.0.8 - Insufficient Verification of Data Authenticity
Apr 27, 2022
CVSS 2.4
EPSS 0.00
CVE-2022-24888 MEDIUM
Nextcloud Server < 20.0.14.4 - File and Folder Name Injection via Leading/Trailing Whitespace Characters
Apr 27, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-24887 MEDIUM
Nextcloud Talk < 11.3.4, 12.2.2, 13.0.0 - Open Redirect via Deck Card Metadata
Apr 27, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-24886 LOW
Nextcloud Android < 3.19.0 - Unauthorized Contact Data Exposure via Notification Permission
Apr 27, 2022
CVSS 2.2
EPSS 0.00
CVE-2022-24885 LOW
Nextcloud Android < 3.19.1 - Authentication Bypass via Repeated App Reopening
Apr 27, 2022
CVSS 2.0
EPSS 0.00
CVE-2022-24838 MEDIUM
Nextcloud Calendar < 3.2.2 - SMTP Command Injection via Newlines in Appointment Emails
Apr 11, 2022
CVSS 5.3
EPSS 0.09
CVE-2022-24741 LOW
Nextcloud <21.0.8, <22.2.4, <23.0.1 - DoS
Mar 09, 2022
CVSS 3.5
EPSS 0.01
CVE-2021-41233 MEDIUM
Nextcloud <22.2.1 - Info Disclosure
Mar 10, 2022
CVSS 6.5
EPSS 0.00
CVE-2021-41241 MEDIUM
Nextcloud Server < 20.0.14 - Missing Authorization in Groupfolders Subfolder Access
Mar 08, 2022
CVSS 4.3
EPSS 0.00
CVE-2021-41239 MEDIUM
Nextcloud <20.0.13, <21.0.5, <22.2 - Info Disclosure
Mar 08, 2022
CVSS 5.3
EPSS 0.00
CVE-2021-41181 LOW
Nextcloud talk <12.3.0 - Info Disclosure
Mar 08, 2022
CVSS 2.4
EPSS 0.00
CVE-2021-41180 MEDIUM
Nextcloud talk <12.1.2 - Open Redirect
Mar 08, 2022
CVSS 4.7
EPSS 0.00
CVE-2021-41166 MEDIUM
Nextcloud Android <3.17.1 - Info Disclosure
Jan 26, 2022
CVSS 4.3
EPSS 0.00
CVE-2021-43863 HIGH
Nextcloud Android <3.18.1 - Privilege Escalation
Jan 25, 2022
CVSS 7.5
EPSS 0.00
CVE-2021-41256 MEDIUM
nextcloud news-android < 0.9.9.63 - Unauthenticated Intent Reflection to Content Provider Access
Nov 30, 2021
CVSS 5.8
EPSS 0.00
CVE-2021-39222 MEDIUM
Nextcloud Talk < 10.0.7 - Stored Cross-Site Scripting via Malicious File Right-Click
Nov 15, 2021
CVSS 6.4
EPSS 0.00
Products
nextcloud_server 181 nextcloud 28 desktop 27 talk 20 deck 17 mail 15 Nextcloud Server 12 calendar 9 richdocuments 8 contacts 7 user_oidc 7 nextcloud_enterprise_server 6 tables 5 circles 3 group_folders 3 Flow 2 end-to-end_encryption 2 guests 2 news 2 nextcloud_talk 2 notes 2 openid_connect_user_backend 2 preferred_providers 2 server 2 social 2 Nextcloud 1 approval 1 cookbook 1 dialogs 1 extract 1
Quick Filters
Critical CVEs With Exploits In CISA KEV