Vulnerabilities > Nextcloud > Desktop > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-04-04 CVE-2023-28998 Missing Required Cryptographic Step vulnerability in Nextcloud Desktop
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server.
network
low complexity
nextcloud CWE-325
6.1
2023-04-04 CVE-2023-28999 Missing Encryption of Sensitive Data vulnerability in Nextcloud Desktop
Nextcloud is an open-source productivity platform.
network
low complexity
nextcloud CWE-311
6.4
2023-02-06 CVE-2023-23942 Cross-site Scripting vulnerability in Nextcloud Desktop
The Nextcloud Desktop Client is a tool to synchronize files from a Nextcloud Server with your computer.
network
low complexity
nextcloud CWE-79
6.1
2022-11-25 CVE-2022-39332 Cross-site Scripting vulnerability in Nextcloud Desktop
Nexcloud desktop is the Desktop sync client for Nextcloud.
network
low complexity
nextcloud CWE-79
5.4
2022-11-25 CVE-2022-39333 Cross-site Scripting vulnerability in Nextcloud Desktop
Nexcloud desktop is the Desktop sync client for Nextcloud.
network
low complexity
nextcloud CWE-79
6.1
2022-11-25 CVE-2022-39331 Cross-site Scripting vulnerability in Nextcloud Desktop
Nexcloud desktop is the Desktop sync client for Nextcloud.
network
low complexity
nextcloud CWE-79
5.4
2022-11-25 CVE-2022-39334 Improper Certificate Validation vulnerability in Nextcloud Desktop
Nextcloud also ships a CLI utility called nextcloudcmd which is sometimes used for automated scripting and headless servers.
local
high complexity
nextcloud CWE-295
4.7
2021-08-18 CVE-2021-32728 Improper Certificate Validation vulnerability in multiple products
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer.
network
low complexity
nextcloud debian CWE-295
6.5
2021-06-11 CVE-2021-22895 Improper Certificate Validation vulnerability in multiple products
Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.
4.3
2020-08-10 CVE-2020-8229 Memory Leak vulnerability in Nextcloud Desktop
A memory leak in the OCUtil.dll library used by Nextcloud Desktop Client 2.6.4 can lead to a DoS against the host system.
local
low complexity
nextcloud CWE-401
4.9