Vulnerabilities > Nextcloud > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-02 | CVE-2020-8173 | Missing Encryption of Sensitive Data vulnerability in Nextcloud Server A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed decryption in shorter time than intended. | 2.2 |
| 2020-02-04 | CVE-2019-15620 | Unspecified vulnerability in Nextcloud Talk Improper access control in Nextcloud Talk 6.0.3 leaks the existance and the name of private conversations when linked them to another shared item via the projects feature. | 2.7 |
| 2020-02-04 | CVE-2019-15622 | SQL Injection vulnerability in Nextcloud Not strictly enough sanitization in the Nextcloud Android app 3.6.0 allowed an attacker to get content information from protected tables when using custom queries. | 2.4 |
| 2019-07-30 | CVE-2019-5452 | Unspecified vulnerability in Nextcloud Bypass lock protection in the Nextcloud Android app prior to version 3.6.2 causes leaking of thumbnails when requesting the Android content provider although the lock protection was not solved. low complexity nextcloud | 2.4 |
| 2018-10-30 | CVE-2018-16463 | Session Fixation vulnerability in Nextcloud Server A bug causing session fixation in Nextcloud Server prior to 14.0.0, 13.0.3 and 12.0.8 could potentially allow an attacker to obtain access to password protected shares. | 3.1 |
| 2017-05-08 | CVE-2017-0892 | Session Fixation vulnerability in Nextcloud Server Nextcloud Server before 11.0.3 is vulnerable to an improper session handling allowed an application specific password without permission to the files access to the users file. | 3.5 |
| 2017-05-08 | CVE-2017-0895 | Information Exposure vulnerability in Nextcloud Server Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure of calendar and addressbook names to other logged-in users. | 3.5 |