Vulnerabilidades em Nextcloud
288 resultadosCVE-2022-41968LOWNextcloud Server's calendar name length not validated before writing to databaseEPSS 0.8%CVE-2023-39962HIGHUsers can delete external storage mount pointsEPSS 0.8%CVE-2022-39330MEDIUMDatabase resource exhaustion for logged-in users via sharee recommendations with circlesEPSS 0.8%CVE-2021-41241MEDIUMAdvanced permissions is not respected for subfolders in Nextcloud serverEPSS 0.8%CVE-2023-25162MEDIUMNextcloud Server vulnerable to SSRF via filter bypass due to lax checking on IPsEPSS 0.8%CVE-2023-28834LOWFull path of data directory exposed to Nextcloud server usersEPSS 0.8%CVE-2021-32782MEDIUMCross-Site Scripting in Nextcloud CirclesEPSS 0.8%CVE-2022-41969LOWNextcloud Server has no password length limit when creating a user as an administratorEPSS 0.8%CVE-2023-39952MEDIUMAdvanced permissions not respected when copying entire group foldersEPSS 0.8%CVE-2023-26041LOWNextcloud Talk messages can still be seen on conversation after expiring when cron is misconfiguredEPSS 0.8%CVE-2023-48306MEDIUMNextcloud Server DNS pin middleware can be tricked into DNS rebinding allowing SSRFEPSS 0.8%CVE-2023-28643MEDIUMPotential share collision for recipients when caching is enabled in nextcloud serverEPSS 0.8%CVE-2024-52520MEDIUMNextcloud Server's link reference provider can be tricked into downloading bigger files than intendedEPSS 0.8%CVE-2017-0936—Nextcloud Server before 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User-Controlled Key vulnerability. A missing ownershiEPSS 0.8%CVE-2023-35927HIGHNextcloud system addressbooks can be modified by malicious trusted serverEPSS 0.8%CVE-2023-28847LOWNextcloud Server missing brute force protection for passwords of password protected share linksEPSS 0.8%CVE-2018-3780—A missing sanitization of search results for an autocomplete field in NextCloud Server <13.0.5 could lead to a stored XSS requiring user-intEPSS 0.8%CVE-2023-28833LOWUnrestricted filenames for logo or favicon as admin in the theming settings in nextcloud serverEPSS 0.8%CVE-2021-39220LOWBypass of image blocking in Nextcloud MailEPSS 0.8%CVE-2021-41233MEDIUMMissing authorization in Nextcloud textEPSS 0.8%