CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

RedhatCVE•added 2026/01/09 11:21 a.m.•7 views

CVE-2021-22912

Nextcloud iOS before 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a global search has been explicitly chosen by the user...

6.5CVSS6.1AI score0.00652EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-10041

Malware in sbrugna...

6.5CVSS6.5AI score0.00652EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-32308

Malicious code in bioql PyPI...

6.8CVSS6.5AI score0.00071EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-53709

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00233EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 3:37 a.m.•3 views

CVE-2023-28647

Nextcloud iOS is an ios application used to interface with the nextcloud home cloud ecosystem. In versions prior to 4.7.0 when an attacker has physical access to an unlocked device, they may enable the integration into the iOS Files app and bypass the Nextcloud pin/password protection and gain...

6.8CVSS6.4AI score0.00071EPSS

Exploits0References1

Positive Technologies•added 2023/12/22 12:0 a.m.•2 views

PT-2023-31352

Name of the Vulnerable Software and Affected Versions Nextcloud iOS Files app versions prior to 4.9.2 Description The issue affects the Nextcloud iOS Files app, which is used to interact with the Nextcloud self-hosted productivity platform. It allows the application to be used without providing t...

4.3CVSS4.6AI score0.00233EPSS

Exploits0References9

Nextcloud•added 2023/12/18 8:25 a.m.•26 views

App PIN code can be bypassed in Files iOS

None...

4.3CVSS4.8AI score0.00233EPSS

Exploits0References2Affected Software1

CVE•added 2023/04/04 12:51 p.m.•121 views

CVE-2023-28999

CVE-2023-28999 affects Nextcloud clients: Desktop 3.0.0–3.8.0, Android 3.13.0–3.25.0, iOS 3.0.5–4.8.0. Description in OSV/NVD indicates a malicious server administrator can gain full access to an end-to-end encrypted folder, decrypt files, recover folder structure, and add new files, due to a lac...

6.9CVSS5.9AI score0.01284EPSS

Exploits1References3Affected Software2

Positive Technologies•added 2023/04/04 12:0 a.m.•2 views

PT-2023-22075 · Nextcloud +2 · Nextcloud Android App +4

Name of the Vulnerable Software and Affected Versions: Nextcloud Desktop client versions 3.0.0 through 3.8.0 Nextcloud Android app versions 3.13.0 through 3.25.0 Nextcloud iOS app versions 3.0.5 through 4.8.0 Description: A malicious server administrator can gain full access to an end-to-end...

8.8CVSS6AI score0.02214EPSS

Exploits10References38

Vulnrichment•added 2023/03/30 6:12 p.m.•5 views

CVE-2023-28647 App pin of the iOS app can be bypassed in Nextcloud iOS

4.4CVSS6.3AI score0.00071EPSS

Exploits0References2

CNNVD•added 2021/06/04 12:0 a.m.•2 views

Nextcloud 信息泄露漏洞

Nextcloud is an open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An information disclosure vulnerability exists in the Nextcloud iOS App that originates from the default Nextcloud Server and iOS Client leaking shared searches to...

6.5CVSS6.6AI score0.00652EPSS

Exploits1References3

Hacker One•added 2019/05/09 5:15 p.m.•22 views

Nextcloud: Blind Stored XSS on iOS App due to Unsanitized Webview

Hi Team! I found a Blind XSS can executed on iOS App due to unsanitized webview. Using this issue, attacker can extract information from victim. Steps To Reproduce: 1. Upload malicious HTML, share to victim 2. Waiting victim to open it F487447 F487448 HTML payload attached, don't forget to change...

3.5CVSS0.4AI score0.00252EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by