Vulnerabilities > Nextcloud > Nextcloud Server > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-30 | CVE-2023-28644 | Unspecified vulnerability in Nextcloud Server 25.0.0/25.0.2 Nextcloud server is an open source home cloud implementation. | 7.5 |
| 2023-02-25 | CVE-2023-25821 | Unspecified vulnerability in Nextcloud Server Nextcloud is an Open Source private cloud software. | 7.5 |
| 2023-02-22 | CVE-2023-25579 | Path Traversal vulnerability in Nextcloud Server Nextcloud server is a self hosted home cloud product. | 7.5 |
| 2022-09-15 | CVE-2022-36074 | Incorrect Authorization vulnerability in Nextcloud Enterprise Server and Nextcloud Server Nextcloud server is an open source personal cloud product. | 7.5 |
| 2021-10-25 | CVE-2021-41177 | Improper Control of Interaction Frequency vulnerability in Nextcloud Server Nextcloud is an open-source, self-hosted productivity platform. | 8.1 |
| 2021-07-12 | CVE-2021-32705 | Improper Control of Interaction Frequency vulnerability in multiple products Nextcloud Server is a Nextcloud package that handles data storage. | 7.5 |
| 2021-07-12 | CVE-2021-32688 | Improper Authorization vulnerability in multiple products Nextcloud Server is a Nextcloud package that handles data storage. | 8.8 |
| 2021-07-12 | CVE-2021-32679 | Improper Encoding or Escaping of Output vulnerability in multiple products Nextcloud Server is a Nextcloud package that handles data storage. | 8.8 |
| 2021-06-01 | CVE-2021-32656 | Improper Access Control vulnerability in Nextcloud Server Nextcloud Server is a Nextcloud package that handles data storage. | 8.6 |
| 2020-05-12 | CVE-2020-8154 | Authorization Bypass Through User-Controlled Key vulnerability in Nextcloud Server An Insecure direct object reference vulnerability in Nextcloud Server 18.0.2 allowed an attacker to remote wipe devices of other users when sending a malicious request directly to the endpoint. | 7.7 |