Nextcloud Server — набор клиент-серверных программ для создания и использования хранилища данных.

Релизный цикл, информация об уязвимостях

Продукт: Nextcloud Server

Вендор: nextcloud

График релизов

Недавние уязвимости Nextcloud Server

Количество 409

openSUSE-SU-2018:2510-1

почти 7 лет назад

Security update for nextcloud

EPSS: Низкий

openSUSE-SU-2018:2521-1

почти 7 лет назад

Security update for nextcloud

EPSS: Низкий

CVE-2018-3780

почти 7 лет назад

A missing sanitization of search results for an autocomplete field in NextCloud Server <13.0.5 could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names, hence malicious search results could only be crafted by authenticated users.

CVSS3: 5.4

EPSS: Низкий

CVE-2018-3780

почти 7 лет назад

A missing sanitization of search results for an autocomplete field in ...

CVSS3: 5.4

EPSS: Низкий

CVE-2018-3776

почти 7 лет назад

Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.

CVSS3: 5.3

EPSS: Низкий

CVE-2018-3776

почти 7 лет назад

Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0. ...

CVSS3: 5.3

EPSS: Низкий

CVE-2018-3775

почти 7 лет назад

Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 Factor Authentication.

CVSS3: 8.8

EPSS: Низкий

CVE-2018-3775

почти 7 лет назад

Improper Authentication in Nextcloud Server prior to version 12.0.3 wo ...

CVSS3: 8.8

EPSS: Низкий

CVE-2018-3776

почти 7 лет назад

Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.

CVSS3: 5.3

EPSS: Низкий

CVE-2018-3762

почти 7 лет назад

Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it should not have access to.

CVSS3: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
openSUSE-SU-2018:2510-1 Security update for nextcloud		0% Низкий	почти 7 лет назад
openSUSE-SU-2018:2521-1 Security update for nextcloud		0% Низкий	почти 7 лет назад
CVE-2018-3780 A missing sanitization of search results for an autocomplete field in NextCloud Server <13.0.5 could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names, hence malicious search results could only be crafted by authenticated users.	CVSS3: 5.4	0% Низкий	почти 7 лет назад
CVE-2018-3780 A missing sanitization of search results for an autocomplete field in ...	CVSS3: 5.4	0% Низкий	почти 7 лет назад
CVE-2018-3776 Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.	CVSS3: 5.3	1% Низкий	почти 7 лет назад
CVE-2018-3776 Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0. ...	CVSS3: 5.3	1% Низкий	почти 7 лет назад
CVE-2018-3775 Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 Factor Authentication.	CVSS3: 8.8	0% Низкий	почти 7 лет назад
CVE-2018-3775 Improper Authentication in Nextcloud Server prior to version 12.0.3 wo ...	CVSS3: 8.8	0% Низкий	почти 7 лет назад
CVE-2018-3776 Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.	CVSS3: 5.3	1% Низкий	почти 7 лет назад
CVE-2018-3762 Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it should not have access to.	CVSS3: 4.3	0% Низкий	почти 7 лет назад

Уязвимостей на страницу