Vulnerabilities > Nextcloud > Nextcloud Server > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-22 | CVE-2023-49792 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Server Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. | 9.8 |
| 2023-11-21 | CVE-2023-48306 | Server-Side Request Forgery (SSRF) vulnerability in Nextcloud Server Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. | 9.8 |
| 2023-06-23 | CVE-2023-35172 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Server NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. | 9.1 |
| 2021-09-07 | CVE-2021-32802 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Nextcloud Server Nextcloud server is an open source, self hosted personal cloud. | 10.0 |
| 2021-07-12 | CVE-2021-32726 | Incorrect Ownership Assignment vulnerability in Nextcloud Server Nextcloud Server is a Nextcloud package that handles data storage. | 9.8 |
| 2021-06-11 | CVE-2021-22915 | Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. | 9.8 |
| 2021-06-01 | CVE-2021-32654 | Authorization Bypass Through User-Controlled Key vulnerability in Nextcloud Server Nextcloud Server is a Nextcloud package that handles data storage. | 9.1 |