Desktop@* Security Vulnerabilities and Issues — Desktop@* CVE List

Lucene search

NextcloudDesktop*

4 matches found

CVE•added 2021/04/14 1:15 p.m.•185 views

CVE-2021-22879

Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote commands. User interaction is needed for exploitation.

8.8CVSS8.6AI score0.0101EPSS

CVE•added 2021/08/18 4:15 p.m.•86 views

CVE-2021-32728

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.3.0, the Nextcloud Desktop client fails to check if a private ...

6.5CVSS6.1AI score0.0045EPSS

CVE•added 2021/06/11 4:15 p.m.•61 views

CVE-2021-22895

Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.

5.9CVSS5.8AI score0.00364EPSS

CVE•added 2021/08/18 6:15 p.m.•53 views

CVE-2021-37617

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. The Nextcloud Desktop Client invokes its uninstaller script when being installed to make sure there are no remnants of previous installations. In versions 3.0.3 through 3.2.4, the Client searches the ...

7.3CVSS6.9AI score0.00299EPSS