ROS-20260209-73-0021

Vulnerability in nextcloud-app-mail caused by failure to take measures to protect web page structure. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

EUVD-2023-43653

Malicious code in bioql PyPI...

EUVD-2023-37365

Malicious code in bioql PyPI...

EUVD-2023-26623

Malicious code in bioql PyPI...

CVE-2024-52512

useroidc app is an OpenID Connect user backend for Nextcloud. A malicious user could send a malformed login link that would redirect the user to a provided URL after successfully authenticating. It is recommended that the Nextcloud User OIDC app is upgraded to 6.1.0...

CVE-2023-49782 Cross-Site-Scripting vulnerability in error message passing in richdocumentscode

Collabora Online is a collaborative online office suite based on LibreOffice technology. Users of Nextcloud with Collabora Online - Built-in CODE Server app can be vulnerable to attack via proxy.php. The bug was fixed in Collabora Online - Built-in CODE Server richdocumentscode release 23.5.601...

CVE-2022-39210

The CVE-2022-39210 entry concerns the Nextcloud Android client (com.nextcloud.client). The issue is a path-traversal/access to internal files, arising from inadequately protected internal app file paths, enabling potential leakage of sensitive information from within the app. Affected behavior is...

CVE-2022-24885 Improper Authentication in Nextcloud Android Files

Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.1, users can bypass a lock on the Nextcloud app on an Android device by repeatedly reopening the app. Version 3.19.1 contains a fix for the problem. There are currently no known...