Vulnerabilidades em Nextcloud
288 resultadosCVE-2023-25821MEDIUMNextcloud download permissions can be changed by resharerEPSS 0.9%CVE-2023-35928HIGHNextcloud user scoped external storage can be used to gather credentials of other usersEPSS 0.9%CVE-2023-23943MEDIUMBlind SSRF via server URL input in the Nextcloud Mail appEPSS 0.9%CVE-2023-35172HIGHNextcloud Server password reset endpoint is not brute force protectedEPSS 0.9%CVE-2022-29159MEDIUMPossibility for anyone to add a stack with existing tasks on anyone's board in Nextcloud DeckEPSS 0.9%CVE-2017-0885—Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error message disclosing existence of file in write-only share. Due to an error in EPSS 0.9%CVE-2022-24887MEDIUMOpen Redirect in Nextcloud TalkEPSS 0.9%CVE-2017-0887—Nextcloud Server before 9.0.55 and 10.0.2 suffers from a bypass in the quota limitation. Due to not properly sanitizing values provided by tEPSS 0.9%CVE-2018-3762—Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for incoming shares allowing a user to still rEPSS 0.9%CVE-2022-39332MEDIUMCross-site scripting (XSS) in Nextcloud Desktop Client EPSS 0.9%CVE-2022-24890LOWExposure of Private Personal Information to an Unauthorized Actor in Nextcloud TalkEPSS 0.9%CVE-2022-39333MEDIUMCross-site scripting (XSS) in Nextcloud Desktop ClientEPSS 0.9%CVE-2021-32695LOWMalicious Android app could access Shared Preferences of the Nextcloud Android clientEPSS 0.9%CVE-2023-32320HIGHNextcloud Server's brute force protection allows someone to send more requests than intendedEPSS 0.9%CVE-2023-48307LOWNextcloud Mail app vulnerable to Server-Side Request ForgeryEPSS 0.9%CVE-2022-39331MEDIUMCross-site Scripting (XSS) in Nexcloud Desktop ClientEPSS 0.9%CVE-2023-32074HIGHNextcloud user_oidc app is missing brute force protectionEPSS 0.9%CVE-2021-32728MEDIUMEnd-to-end encryption device setup did not verify public keyEPSS 0.9%CVE-2021-39224LOWFile path disclosure of shared files in OfficeOnline applicationEPSS 0.8%CVE-2023-33182NONENextcloud Contacts photos only sanitized if mime type is all lower caseEPSS 0.8%