Vulnerabilities > Nextcloud > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-12 | CVE-2021-32726 | Unspecified vulnerability in Nextcloud Server Nextcloud Server is a Nextcloud package that handles data storage. | 9.8 |
| 2021-06-11 | CVE-2021-22915 | Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. | 9.8 |
| 2021-06-01 | CVE-2021-32654 | Unspecified vulnerability in Nextcloud Server Nextcloud Server is a Nextcloud package that handles data storage. | 9.1 |
| 2020-06-08 | CVE-2020-8180 | Code Injection vulnerability in Nextcloud Talk A too lax check in Nextcloud Talk 6.0.4, 7.0.2 and 8.0.7 allowed a code injection when a not correctly sanitized talk command was added by an administrator. | 9.9 |
| 2019-08-07 | CVE-2019-5476 | SQL Injection vulnerability in Nextcloud Lookup-Server 0.2.0 An SQL Injection in the Nextcloud Lookup-Server < v0.3.0 (running on https://lookup.nextcloud.com) caused unauthenticated users to be able to execute arbitrary SQL commands. | 9.8 |
| 2019-07-30 | CVE-2019-5454 | SQL Injection vulnerability in Nextcloud SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account. | 9.8 |