Vulnerabilities > Nextcloud > Nextcloud Server > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-18 | CVE-2024-22403 | Insufficient Session Expiration vulnerability in Nextcloud Server Nextcloud server is a self hosted personal cloud system. | 3.7 |
| 2023-11-21 | CVE-2023-48303 | Unspecified vulnerability in Nextcloud Server Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. | 2.7 |
| 2022-12-01 | CVE-2022-41969 | Weak Password Requirements vulnerability in Nextcloud Server Nextcloud Server is an open source personal cloud server. | 2.7 |
| 2022-07-05 | CVE-2022-31014 | Injection vulnerability in Nextcloud Server Nextcloud server is an open source personal cloud server. | 3.5 |
| 2021-09-07 | CVE-2021-32801 | Information Exposure Through Log Files vulnerability in Nextcloud Server Nextcloud server is an open source, self hosted personal cloud. | 2.1 |
| 2021-07-12 | CVE-2021-32680 | Insufficient Logging vulnerability in multiple products Nextcloud Server is a Nextcloud package that handles data storage. | 3.3 |
| 2021-06-01 | CVE-2021-32655 | Unspecified vulnerability in Nextcloud Server Nextcloud Server is a Nextcloud package that handles data storage. | 3.5 |
| 2021-06-01 | CVE-2021-32653 | Information Exposure Through Sent Data vulnerability in Nextcloud Server Nextcloud Server is a Nextcloud package that handles data storage. | 2.7 |
| 2021-02-03 | CVE-2020-8294 | Cross-site Scripting vulnerability in Nextcloud Server A missing link validation in Nextcloud Server before 20.0.2, 19.0.5, 18.0.11 allows execution of a stored XSS attack using Internet Explorer when saving a 'javascript:' URL in markdown format. | 3.5 |
| 2020-11-16 | CVE-2020-8152 | Insufficiently Protected Credentials vulnerability in Nextcloud Server Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the public key to decrypt them later on. | 2.1 |