Desktop Security Vulnerabilities and Issues — Desktop CVE List

Lucene search

NextcloudDesktop

6 matches found

CVE•added 2022/11/25 8:15 p.m.•72 views

CVE-2022-39332

Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application via user status and information. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for thi...

5.4CVSS5AI score0.00217EPSS

CVE•added 2022/11/25 7:15 p.m.•70 views

CVE-2022-39331

Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker can inject arbitrary HyperText Markup Language into the Desktop Client application in the notifications. It is recommended that the Nextcloud Desktop client is upgraded to 3.6.1. There are no known workarounds for this issue.

5.4CVSS5AI score0.00217EPSS

CVE•added 2020/08/21 9:15 p.m.•67 views

CVE-2020-8189

A cross-site scripting error in Nextcloud Desktop client 2.6.4 allowed to present any html (including local links) when responding with invalid data on the login attempt.

5.4CVSS5.2AI score0.02601EPSS

CVE•added 2021/06/11 4:15 p.m.•61 views

CVE-2021-22895

Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.

5.9CVSS5.8AI score0.00364EPSS

CVE•added 2020/08/17 4:15 p.m.•41 views

CVE-2020-8230

A memory corruption vulnerability exists in NextCloud Desktop Client v2.6.4 where missing ASLR and DEP protections in for windows allowed to corrupt memory.

5.5CVSS5.5AI score0.00235EPSS

CVE•added 2020/08/10 2:15 p.m.•37 views

CVE-2020-8229

A memory leak in the OCUtil.dll library used by Nextcloud Desktop Client 2.6.4 can lead to a DoS against the host system.

5.5CVSS5.2AI score0.00258EPSS