Nextcloud Server@19.0.0 Security Vulnerabilities and Issues — Nextcloud Server@19.0.0 CVE List

Lucene search

NextcloudNextcloud Server19.0.0

6 matches found

CVE•added 2021/01/26 6:16 p.m.•140 views

CVE-2020-8293

A missing input validation in Nextcloud Server before 20.0.2, 19.0.5, 18.0.11 allows users to store unlimited data in workflow rules causing load and potential DDoS on later interactions and usage with those rules.

6.5CVSS6.7AI score0.0116EPSS

CVE•added 2021/02/03 5:15 p.m.•133 views

CVE-2020-8294

A missing link validation in Nextcloud Server before 20.0.2, 19.0.5, 18.0.11 allows execution of a stored XSS attack using Internet Explorer when saving a 'javascript:' URL in markdown format.

5.4CVSS6AI score0.00391EPSS

CVE•added 2020/11/02 9:15 p.m.•127 views

CVE-2020-8183

A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given on the initial create API call.

7.5CVSS7.5AI score0.00952EPSS

CVE•added 2023/08/10 6:15 p.m.•78 views

CVE-2023-39962

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 19.0.0 and prior to versions 19.0.13.10, 20.0.14.15, 21.0.9.13, 22.2.10.14, 23.0.12.8, 24.0.12.5, 25.0.9, 26.0.4, and 27.0.1, a malicious user could delete any personal or global external storag...

7.7CVSS7.4AI score0.00239EPSS

CVE•added 2023/06/23 9:15 p.m.•54 views

CVE-2023-35928

Nextcloud Server is a space for data storage on Nextcloud, a self-hosted productivity playform. In NextCloud Server versions 25.0.0 until 25.0.7 and 26.0.0 until 26.0.2 and Nextcloud Enterprise Server versions 19.0.0 until 19.0.13.9, 20.0.0 until 20.0.14.14, 21.0.0 until 21.0.9.12, 22.0.0 until 22....

8.8CVSS8.5AI score0.00333EPSS

CVE•added 2020/10/05 2:15 p.m.•44 views

CVE-2020-8223

A logic error in Nextcloud Server 19.0.0 caused a privilege escalation allowing malicious users to reshare with higher permissions than they got assigned themselves.

6.5CVSS6.6AI score0.0027EPSS