Vulnerabilities > Nextcloud > Nextcloud Server > 19.0.13.9

DATE CVE VULNERABILITY TITLE RISK
2021-01-26 CVE-2020-8295 Resource Exhaustion vulnerability in Nextcloud Server
A wrong check in Nextcloud Server 19 and prior allowed to perform a denial of service attack when resetting the password for a user.
network
low complexity
nextcloud CWE-400
7.5
7.5
2020-11-16 CVE-2020-8259 Insufficiently Protected Credentials vulnerability in Nextcloud Server
Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the encryption keys.
network
low complexity
nextcloud CWE-522
8.1
8.1
2020-11-16 CVE-2020-8152 Insufficiently Protected Credentials vulnerability in Nextcloud Server
Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the public key to decrypt them later on.
local
low complexity
nextcloud CWE-522
4.4
4.4