Nextcloud Server@15.0.0 Security Vulnerabilities and Issues — Nextcloud Server@15.0.0 CVE List

Lucene search

NextcloudNextcloud Server15.0.0

5 matches found

CVE•added 2020/02/04 8:15 p.m.•157 views

CVE-2019-15623

Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled.

5.3CVSS5.8AI score0.00322EPSS

CVE•added 2020/02/04 8:15 p.m.•155 views

CVE-2019-15624

Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders.

4.9CVSS5.7AI score0.00315EPSS

CVE•added 2020/02/04 8:15 p.m.•143 views

CVE-2019-15621

Improper permissions preservation in Nextcloud Server 16.0.1 causes sharees to be able to reshare with write permissions when sharing the mount point of a share they received, as a public link.

6.5CVSS6.6AI score0.00121EPSS

CVE•added 2020/02/04 8:15 p.m.•55 views

CVE-2019-15612

A bug in Nextcloud Server 15.0.2 causes pending 2FA logins to not be correctly expired when the password of the user is reset.

5.9CVSS6AI score0.0018EPSS

CVE•added 2020/02/04 8:15 p.m.•48 views

CVE-2019-15618

Missing escaping of HTML in the Updater of Nextcloud 15.0.5 allowed a reflected XSS when starting the updater from a malicious location.

4.8CVSS4.9AI score0.00196EPSS