Vulnerabilities > Nextcloud > Nextcloud Server > 19.0.1

DATE CVE VULNERABILITY TITLE RISK
2020-11-09 CVE-2020-8150 Missing Encryption of Sensitive Data vulnerability in Nextcloud Server
A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files.
local
high complexity
nextcloud CWE-311
4.1
4.1
2020-11-09 CVE-2020-8133 Improper Verification of Cryptographic Signature vulnerability in Nextcloud Server 19.0.1
A wrong generation of the passphrase for the encrypted block in Nextcloud Server 19.0.1 allowed an attacker to overwrite blocks in a file.
network
low complexity
nextcloud CWE-347
5.3
5.3
2020-11-02 CVE-2020-8236 Improper Authentication vulnerability in Nextcloud Server
A wrong configuration in Nextcloud Server 19.0.1 incorrectly made the user feel the passwordless WebAuthn is also a two factor verification by asking for the PIN of the passwordless WebAuthn but not verifying it.
low complexity
nextcloud CWE-287
6.8
6.8