Vulnerabilities > Nextcloud

DATE CVE VULNERABILITY TITLE RISK
2024-01-18 CVE-2024-22401 Improper Preservation of Permissions vulnerability in Nextcloud Guests 2.5.0/3.0.0
Nextcloud guests app is a utility to create guest users which can only see files shared with them.
network
low complexity
nextcloud CWE-281
4.3
2024-01-18 CVE-2024-22402 Improper Preservation of Permissions vulnerability in Nextcloud Guests 2.5.0/3.0.0
Nextcloud guests app is a utility to create guest users which can only see files shared with them.
network
low complexity
nextcloud CWE-281
5.4
2024-01-18 CVE-2024-22404 Improper Preservation of Permissions vulnerability in Nextcloud Zipper
Nextcloud files Zip app is a tool to create zip archives from one or multiple files from within Nextcloud.
network
low complexity
nextcloud CWE-281
4.3
2024-01-18 CVE-2024-22213 Cross-site Scripting vulnerability in Nextcloud Deck
Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud.
network
low complexity
nextcloud CWE-79
5.4
2024-01-18 CVE-2024-22400 Open Redirect vulnerability in Nextcloud SSO & Saml Authentication
Nextcloud User Saml is an app for authenticating Nextcloud users using SAML.
network
low complexity
nextcloud CWE-601
6.1
2024-01-18 CVE-2024-22403 Insufficient Session Expiration vulnerability in Nextcloud Server
Nextcloud server is a self hosted personal cloud system.
network
high complexity
nextcloud CWE-613
3.7
2024-01-18 CVE-2024-22212 Missing Authentication for Critical Function vulnerability in Nextcloud Global Site Selector
Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server.
network
low complexity
nextcloud CWE-306
critical
9.8
2023-12-22 CVE-2023-49790 Improper Authentication vulnerability in Nextcloud
The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform.
low complexity
nextcloud CWE-287
4.3
2023-12-22 CVE-2023-49791 Improper Access Control vulnerability in Nextcloud Server
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform.
network
low complexity
nextcloud CWE-284
5.4
2023-12-22 CVE-2023-49792 Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Server
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform.
network
low complexity
nextcloud CWE-307
critical
9.8