Vulnerabilities > Nextcloud > Nextcloud > 3.4.2

DATE CVE VULNERABILITY TITLE RISK
2023-12-22 CVE-2023-49790 Improper Authentication vulnerability in Nextcloud
The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform.
low complexity
nextcloud CWE-287
4.3
2022-05-20 CVE-2022-29160 Incomplete Cleanup vulnerability in Nextcloud
Nextcloud Android is the Android client for Nextcloud, a self-hosted productivity platform.
local
low complexity
nextcloud CWE-459
3.3
2022-04-27 CVE-2022-24885 Improper Authentication vulnerability in Nextcloud
Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform.
local
low complexity
nextcloud CWE-287
2.1
2022-04-27 CVE-2022-24886 Incorrect Permission Assignment for Critical Resource vulnerability in Nextcloud
Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform.
local
low complexity
nextcloud CWE-732
3.8
2022-01-26 CVE-2021-41166 Incorrect Default Permissions vulnerability in Nextcloud
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform.
network
low complexity
nextcloud CWE-276
5.0
2022-01-25 CVE-2021-43863 SQL Injection vulnerability in Nextcloud
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform.
network
low complexity
nextcloud CWE-89
5.0
2021-07-12 CVE-2021-32727 Improper Certificate Validation vulnerability in Nextcloud
Nextcloud Android Client is the Android client for Nextcloud.
network
low complexity
nextcloud CWE-295
5.0
2021-06-17 CVE-2021-32694 Uncaught Exception vulnerability in Nextcloud
Nextcloud Android app is the Android client for Nextcloud.
network
nextcloud CWE-248
4.3
2021-06-17 CVE-2021-32695 Unspecified vulnerability in Nextcloud
Nextcloud Android app is the Android client for Nextcloud.
local
low complexity
nextcloud
3.3
2021-06-11 CVE-2021-22905 Information Exposure vulnerability in Nextcloud
Nextcloud Android App (com.nextcloud.client) before v3.16.0 is vulnerable to information disclosure due to searches for sharees being performed by default on the lookup server instead of only using the local Nextcloud server unless a global search has been explicitly chosen by the user.
network
nextcloud CWE-200
4.3