Vulnerabilities > Nextcloud > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-01 | CVE-2022-41970 | Incorrect Authorization vulnerability in Nextcloud Server Nextcloud Server is an open source personal cloud server. | 5.3 |
| 2022-12-01 | CVE-2022-41971 | Exposure of Resource to Wrong Sphere vulnerability in Nextcloud Talk Nextcould Talk android is a video and audio conferencing app for Nextcloud. | 6.5 |
| 2022-11-25 | CVE-2022-39332 | Cross-site Scripting vulnerability in Nextcloud Desktop Nexcloud desktop is the Desktop sync client for Nextcloud. | 5.4 |
| 2022-11-25 | CVE-2022-39333 | Cross-site Scripting vulnerability in Nextcloud Desktop Nexcloud desktop is the Desktop sync client for Nextcloud. | 6.1 |
| 2022-11-25 | CVE-2022-39331 | Cross-site Scripting vulnerability in Nextcloud Desktop Nexcloud desktop is the Desktop sync client for Nextcloud. | 5.4 |
| 2022-11-25 | CVE-2022-39334 | Improper Certificate Validation vulnerability in Nextcloud Desktop Nextcloud also ships a CLI utility called nextcloudcmd which is sometimes used for automated scripting and headless servers. | 4.7 |
| 2022-11-25 | CVE-2022-39338 | Improper Input Validation vulnerability in Nextcloud Openid Connect User Backend user_oidc is an OpenID Connect user backend for Nextcloud. | 5.4 |
| 2022-11-25 | CVE-2022-39339 | Cleartext Transmission of Sensitive Information vulnerability in Nextcloud Openid Connect User Backend user_oidc is an OpenID Connect user backend for Nextcloud. | 4.3 |
| 2022-11-25 | CVE-2022-39346 | Resource Exhaustion vulnerability in multiple products Nextcloud server is an open source personal cloud server. | 6.5 |
| 2022-11-25 | CVE-2022-41926 | Incorrect Permission Assignment for Critical Resource vulnerability in Nextcloud Talk Nextcould talk android is the android OS implementation of the nextcloud talk chat system. | 5.5 |