nextcloud

359 tracked vulnerabilities.

CVE-2021-41179 MEDIUM
Nextcloud <20.0.13, 21.0.5, 22.2.0 - Info Disclosure
Oct 25, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-41178 HIGH
Nextcloud <20.0.13, 21.0.5, 22.2.0 - Path Traversal
Oct 25, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-41177 HIGH
Nextcloud <20.0.13, 21.0.5, 22.2.0 - Info Disclosure
Oct 25, 2021
CVSS 8.1
EPSS 0.01
CVE-2021-39225 HIGH
Nextcloud Deck < 1.2.9, 1.4.5, 1.5.3 - Authenticated Authorization Bypass
Oct 25, 2021
CVSS 8.1
EPSS 0.00
CVE-2021-39224 LOW
Nextcloud OfficeOnline < 1.1.1 - Full Path Disclosure via Exception Message
Oct 25, 2021
CVSS 3.5
EPSS 0.00
CVE-2021-39223 MEDIUM
Nextcloud Richdocuments < 3.8.6 - Sensitive Information Exposure via Exception Message
Oct 25, 2021
CVSS 4.8
EPSS 0.00
CVE-2021-39221 MEDIUM
Nextcloud Contacts < 4.0.3 - Stored Cross-Site Scripting via Malicious File Right-Click
Oct 25, 2021
CVSS 6.4
EPSS 0.00
CVE-2021-39220 LOW
Nextcloud Mail < 1.10.4 - Privacy Filter Bypass via Relative Protocol Images
Oct 25, 2021
CVSS 3.5
EPSS 0.00
CVE-2021-32802 CRITICAL
Nextcloud Server - Unsafe Image Preview Rendering Enables SSRF or Code Execution
Sep 07, 2021
CVSS 9.3
EPSS 0.02
CVE-2021-32801 MEDIUM
Nextcloud <20.0.12,21.0.4,22.1.0 - Info Disclosure
Sep 07, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-32800 HIGH
Nextcloud <20.0.12-22.1.0 - Auth Bypass
Sep 07, 2021
CVSS 8.1
EPSS 0.00
CVE-2021-37629 MEDIUM
Nextcloud Richdocuments < 3.8.4 - Share Token Enumeration via Unthrottled OCS Endpoint
Sep 07, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-37628 HIGH
Nextcloud Richdocuments < 3.8.4 - Authorization Bypass via File Drop Feature
Sep 07, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-32766 MEDIUM
nextcloud_server < 20.0.12 - Information Disclosure via Text Application Error Messages
Sep 07, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-37631 MEDIUM
Nextcloud Deck < 1.2.9 - Authorization Bypass via Circle Membership Check
Sep 07, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-37630 MEDIUM
Nextcloud Circles < 0.19.5 - Unauthenticated Authorization Bypass via Secret Circle Join
Sep 07, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-32782 MEDIUM
Nextcloud Circles <0.21.3-0.19.14 - XSS
Sep 07, 2021
CVSS 5.8
EPSS 0.00
CVE-2021-37617 HIGH
Nextcloud Desktop 3.0.3-3.2.4 - Uncontrolled Search Path Element via Uninstall.exe
Aug 18, 2021
CVSS 7.3
EPSS 0.00
CVE-2021-32728 MEDIUM
Nextcloud Desktop Client <3.3.0 - Info Disclosure
Aug 18, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-32748 MEDIUM
Nextcloud Richdocuments - Info Disclosure
Jul 27, 2021
CVSS 4.3
EPSS 0.00
CVE-2021-32741 MEDIUM
Nextcloud Server <19.0.13, <20.011, <21.0.3 - Info Disclosure
Jul 12, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-32734 LOW
Nextcloud Server <19.0.13, <20.011, <21.0.3 - Info Disclosure
Jul 12, 2021
CVSS 3.1
EPSS 0.00
CVE-2021-32733 MEDIUM
Nextcloud Text < 19.0.13 - Cross-Site Scripting via HTML Content-Type
Jul 12, 2021
CVSS 4.8
EPSS 0.00
CVE-2021-32727 MEDIUM
Nextcloud Android Client <3.16.1 - Info Disclosure
Jul 12, 2021
CVSS 5.7
EPSS 0.00
CVE-2021-32726 HIGH
Nextcloud Server <19.0.13, 20.011, 21.0.3 - Info Disclosure
Jul 12, 2021
CVSS 7.1
EPSS 0.01
Products
nextcloud_server 181 nextcloud 28 desktop 27 talk 20 deck 17 mail 15 Nextcloud Server 12 calendar 9 richdocuments 8 contacts 7 user_oidc 7 nextcloud_enterprise_server 6 tables 5 circles 3 group_folders 3 Flow 2 end-to-end_encryption 2 guests 2 news 2 nextcloud_talk 2 notes 2 openid_connect_user_backend 2 preferred_providers 2 server 2 social 2 Nextcloud 1 approval 1 cookbook 1 dialogs 1 extract 1
Quick Filters
Critical CVEs With Exploits In CISA KEV