Vulnerabilities > Nextcloud > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-18 | CVE-2024-22212 | Missing Authentication for Critical Function vulnerability in Nextcloud Global Site Selector Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. | 9.8 |
| 2023-12-22 | CVE-2023-49792 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Server Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. | 9.8 |
| 2023-11-21 | CVE-2023-48306 | Server-Side Request Forgery (SSRF) vulnerability in Nextcloud Server Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. | 9.8 |
| 2023-11-21 | CVE-2023-48307 | Server-Side Request Forgery (SSRF) vulnerability in Nextcloud Mail Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. | 9.8 |
| 2023-06-23 | CVE-2023-35172 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud Server NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. | 9.1 |
| 2023-05-25 | CVE-2023-32074 | Improper Restriction of Excessive Authentication Attempts vulnerability in Nextcloud User Oidc user_oidc app is an OpenID Connect user backend for Nextcloud. | 9.8 |
| 2022-04-11 | CVE-2022-24838 | Injection vulnerability in Nextcloud Calendar Nextcloud Calendar is a calendar application for the nextcloud framework. | 9.8 |
| 2021-09-07 | CVE-2021-32802 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Nextcloud Server Nextcloud server is an open source, self hosted personal cloud. | 10.0 |
| 2021-07-12 | CVE-2021-32726 | Incorrect Ownership Assignment vulnerability in Nextcloud Server Nextcloud Server is a Nextcloud package that handles data storage. | 9.8 |
| 2021-06-11 | CVE-2021-22915 | Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. | 9.8 |