Vulnerabilities > Nextcloud > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-16 | CVE-2024-46958 | Unspecified vulnerability in Nextcloud Desktop 3.13.1/3.13.2/3.13.3 In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files (between the server and client) may become world writable or world readable. | 9.1 |
| 2024-01-18 | CVE-2024-22212 | Missing Authentication for Critical Function vulnerability in Nextcloud Global Site Selector Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. | 9.8 |
| 2023-12-22 | CVE-2023-49792 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Server Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. | 9.8 |
| 2023-11-21 | CVE-2023-48306 | Server-Side Request Forgery (SSRF) vulnerability in Nextcloud Server Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. | 9.8 |
| 2023-11-21 | CVE-2023-48307 | Server-Side Request Forgery (SSRF) vulnerability in Nextcloud Mail Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. | 9.8 |
| 2023-06-23 | CVE-2023-35172 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Server NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. | 9.1 |
| 2023-05-25 | CVE-2023-32074 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud User Oidc user_oidc app is an OpenID Connect user backend for Nextcloud. | 9.8 |
| 2022-04-11 | CVE-2022-24838 | Injection vulnerability in Nextcloud Calendar Nextcloud Calendar is a calendar application for the nextcloud framework. | 9.8 |
| 2021-09-07 | CVE-2021-32802 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Nextcloud Server Nextcloud server is an open source, self hosted personal cloud. | 10.0 |
| 2021-07-12 | CVE-2021-32726 | Incorrect Ownership Assignment vulnerability in Nextcloud Server Nextcloud Server is a Nextcloud package that handles data storage. | 9.8 |