Vulnerabilities > Nextcloud
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-09 | CVE-2023-22472 | Cross-Site Request Forgery (CSRF) vulnerability in Nextcloud Desktop 3.6.1 Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. | 8.8 |
| 2022-12-01 | CVE-2022-41968 | Improper Validation of Specified Quantity in Input vulnerability in Nextcloud Server Nextcloud Server is an open source personal cloud server. | 5.3 |
| 2022-12-01 | CVE-2022-41969 | Weak Password Requirements vulnerability in Nextcloud Server Nextcloud Server is an open source personal cloud server. | 2.7 |
| 2022-12-01 | CVE-2022-41970 | Incorrect Authorization vulnerability in Nextcloud Server Nextcloud Server is an open source personal cloud server. | 5.3 |
| 2022-12-01 | CVE-2022-41971 | Exposure of Resource to Wrong Sphere vulnerability in Nextcloud Talk Nextcould Talk android is a video and audio conferencing app for Nextcloud. | 6.5 |
| 2022-11-25 | CVE-2022-39332 | Cross-site Scripting vulnerability in Nextcloud Desktop Nexcloud desktop is the Desktop sync client for Nextcloud. | 5.4 |
| 2022-11-25 | CVE-2022-39333 | Cross-site Scripting vulnerability in Nextcloud Desktop Nexcloud desktop is the Desktop sync client for Nextcloud. | 6.1 |
| 2022-11-25 | CVE-2022-39331 | Cross-site Scripting vulnerability in Nextcloud Desktop Nexcloud desktop is the Desktop sync client for Nextcloud. | 5.4 |
| 2022-11-25 | CVE-2022-39334 | Improper Certificate Validation vulnerability in Nextcloud Desktop Nextcloud also ships a CLI utility called nextcloudcmd which is sometimes used for automated scripting and headless servers. | 4.7 |
| 2022-11-25 | CVE-2022-39338 | Improper Input Validation vulnerability in Nextcloud Openid Connect User Backend user_oidc is an OpenID Connect user backend for Nextcloud. | 5.4 |