Vulnerabilidades em Nextcloud
288 resultadosCVE-2024-37882HIGHNextcloud Server can reshare read&share only folder with more permissionsEPSS 0.5%CVE-2023-33184LOWBlind SSRF in the Nextcloud Mail app on avatar endpointEPSS 0.5%CVE-2024-52518MEDIUMNextcloud Server is missing password confirmation when changing external storage optionsEPSS 0.5%CVE-2023-22471LOWNextcloud Deck vulnerable to authorization bypassEPSS 0.5%CVE-2022-39212MEDIUMLast video frame is still sent after video is disabled in a call in Nextcloud TalkEPSS 0.5%CVE-2024-22404MEDIUMPermissions bypass in Nextcloud with the files zip appEPSS 0.5%CVE-2024-52513LOWNextcloud Server's Attachments folder for Text app is accessible on "Files drop" and "Password protected" sharesEPSS 0.5%CVE-2024-22402MEDIUMImproper handling of request URLs in Nextcloud Guests app allows guest users to bypass app allowlistEPSS 0.5%CVE-2023-25579MEDIUMDirectory traversal in Nextcloud serverEPSS 0.5%CVE-2024-22213NONECross-site Scripting when sending HTML as a comment in the Nextcloud Deck appEPSS 0.5%CVE-2021-39221MEDIUMXSS in ContactsEPSS 0.5%CVE-2024-52509LOWNextcloud Mail app does not respect download permissions in sharesEPSS 0.5%CVE-2023-35173MEDIUMEnd-to-End encrypted file-drops can be made inaccessibleEPSS 0.5%CVE-2024-52519LOWNextcloud Server's OAuth2 client secrets were stored in a recoverable wayEPSS 0.5%CVE-2023-39959LOWExistence of calendars and address books can be checked by unauthenticated usersEPSS 0.5%CVE-2025-58051MEDIUMNextcloud Tables app allowed to include local file via PhpSpreadsheet when importing a tableEPSS 0.5%CVE-2023-45151MEDIUMOAuth2 client_secret stored in plain text in the Nextcloud databaseEPSS 0.5%CVE-2023-39955LOWNotes attachment render HTML in preview modeEPSS 0.5%CVE-2023-45149MEDIUMPassword of talk conversations can be bruteforced in NextcloudEPSS 0.5%CVE-2023-23944LOWNexcloud Mail app temporarily stores cleartext password in databaseEPSS 0.5%