4 matches found
CVE-2020-8154
An insecure direct object reference vulnerability in Nextcloud Server 18.0.2 allowed an attacker to remotely wipe devices of other users by sending a malicious request directly to the endpoint.
CVE-2023-26482
Nextcloud server is an open source home cloud implementation. In affected versions a missing scope validation allowed users to create workflows which are designed to be only available for administrators. Some workflows are designed to be RCE by invoking defined scripts, in order to generate PDFs, i...
CVE-2020-8139
A missing access control check in Nextcloud Server < 18.0.1, < 17.0.4, and
CVE-2020-8173
Too small a set of random characters used for encryption in Nextcloud Server 18.0.4 allowed decryption in a shorter time than intended.