VYPR

Nextcloud Enterprise Server

by Nextcloud

Source repositories

CVEs (133)

  • CVE-2023-48239HigNov 21, 2023
    risk 0.00cvss 8.5epss 0.01

    Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and starting in version 20.0.0 and prior to versions 20.0.14.16, 21.0.9.13, 22.2.10.15,…

  • CVE-2023-45148MedOct 16, 2023
    risk 0.00cvss 4.3epss 0.01

    Nextcloud is an open source home cloud server. When Memcached is used as `memcache.distributed` the rate limiting in Nextcloud Server could be reset unexpectedly resetting the rate count earlier than intended. Users are advised to upgrade to versions 25.0.11, 26.0.6 or 27.1.0.…

  • CVE-2023-39960MedOct 13, 2023
    risk 0.00cvss 5.0epss 0.01

    Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. In Nextcloud Server starting with 25.0.0 and prior to 25.09 and 26.04; as well as Nextcloud Enterprise Server starting with 22.0.0 and prior to 22.2.10.14, 23.0.12.9, 24.0.12.5, 25.0.9, and…

  • CVE-2023-39961LowAug 10, 2023
    risk 0.00cvss 3.5epss 0.00

    Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 24.0.4 and prior to versions 25.0.9, 26.0.4, and 27.0.1, when a folder with images or an image was shared without download permissions, the user could add the image inline…

  • CVE-2023-39959LowAug 10, 2023
    risk 0.00cvss 3.5epss 0.00

    Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.9, 26.0.4, and 27.0.1, unauthenticated users could send a DAV request which reveals whether a calendar or an address book with the given…

  • CVE-2023-39958MedAug 10, 2023
    risk 0.00cvss 5.8epss 0.01

    Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 22.0.0 and prior to versions 22.2.10.13, 23.0.12.8, 24.0.12.5, 25.0.9, 26.0.4, and 27.0.1, missing protection allows an attacker to brute force the client secrets of…

  • CVE-2023-35928HigJun 23, 2023
    risk 0.00cvss 8.4epss 0.01

    Nextcloud Server is a space for data storage on Nextcloud, a self-hosted productivity playform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 19.0.0 until 19.0.13.9, 20.0.0 until 20.0.14.14, 21.0.0 until…

  • CVE-2023-35927HigJun 23, 2023
    risk 0.00cvss 7.6epss 0.01

    NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 21.0.0 until 21.0.9.12, 22.0.0 until…

  • CVE-2023-35172HigJun 23, 2023
    risk 0.00cvss 8.7epss 0.01

    NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 21.0.0 until 21.0.9.12, 22.0.0 until…

  • CVE-2023-35171MedJun 23, 2023
    risk 0.00cvss 4.1epss 0.01

    NextCloud Server and NextCloud Enterprise Server provide file storage for Nextcloud, a self-hosted productivity platform. Starting in version 26.0.0 and prior to version 26.0.2, an attacker could supply a URL that redirects an unsuspecting victim from a legitimate domain to an…

  • CVE-2023-32320HigJun 22, 2023
    risk 0.00cvss 8.7epss 0.01

    Nextcloud Server is a data storage system for Nextcloud, a self-hosted productivity platform. When multiple requests are sent in parallel, all of them were executed even if the amount of faulty requests succeeded the limit by the time the response was sent to the client. This…

  • CVE-2023-32318HigMay 26, 2023
    risk 0.00cvss 7.2epss 0.00

    Nextcloud server provides a home for data. A regression in the session handling between Nextcloud Server and the Nextcloud Text app prevented a correct destruction of the session on logout if cookies were not cleared manually. After successfully authenticating with any other…

  • CVE-2023-28847LowApr 25, 2023
    risk 0.00cvss 3.1epss 0.01

    Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. In Nextcloud Server 24.0.0 prior to 24.0.11 and 25.0.0 prior to 25.0.5; as well as Nextcloud Server Enterprise 23.0.0 prior to 23.0.12.6, 24.0.0 prior to 24.0.11, and 25.0.0 prior to…

  • CVE-2023-30539MedApr 17, 2023
    risk 0.00cvss 6.5epss 0.01

    Nextcloud is a personal home server system. Depending on the set up tags and other workflows this issue can be used to limit access of others or being able to grant them access when there are system tag based files access control or files retention rules. It is recommended that…

  • CVE-2023-25820MedMar 22, 2023
    risk 0.00cvss 4.2epss 0.00

    Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Enterprise Server is the enterprise version of the file server software. In Nextcloud Server versions 25.0.x prior to 25.0.5 and versions 24.0.x prior to 24.0.10 as…

  • CVE-2023-25162MedFeb 13, 2023
    risk 0.00cvss 5.3epss 0.01

    Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server prior to 24.0.8 and 23.0.12 and Nextcloud Enterprise server prior to 24.0.8 and 23.0.12 are vulnerable to server-side request forgery (SSRF). Attackers can leverage…

  • CVE-2023-25161LowFeb 13, 2023
    risk 0.00cvss 3.7epss 0.01

    Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server and Nextcloud Enterprise Server prior to versions 25.0.1 24.0.8, and 23.0.12 missing rate limiting on password reset functionality. This could result in service…

  • CVE-2023-25159LowFeb 13, 2023
    risk 0.00cvss 2.3epss 0.00

    Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Office is a document collaboration app for the same platform. Nextcloud Server 24.0.x prior to 24.0.8 and 25.0.x prior to 25.0.1, Nextcloud Enterprise Server 24.0.x…

  • CVE-2023-22470LowJan 14, 2023
    risk 0.00cvss 3.5epss 0.01

    Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. A database error can be generated potentially causing a DoS when performed multiple times. There are currently no known workarounds. It is…

  • CVE-2022-39330MedOct 27, 2022
    risk 0.00cvss 4.8epss 0.01

    Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server prior to versions 23.0.10 and 24.0.6 and Nextcloud Enterprise Server prior to versions 22.2.10, 23.0.10, and 24.0.6 are vulnerable to a logged-in attacker slowing…

Page 6 of 7