Nextcloud Server — набор клиент-серверных программ для создания и использования хранилища данных.

Релизный цикл, информация об уязвимостях

Продукт: Nextcloud Server

Вендор: nextcloud

График релизов

Недавние уязвимости Nextcloud Server

Количество 429

openSUSE-SU-2018:2521-2

около 7 лет назад

Security update for nextcloud

EPSS: Низкий

openSUSE-SU-2018:2510-1

около 7 лет назад

Security update for nextcloud

EPSS: Низкий

CVE-2018-3780

около 7 лет назад

A missing sanitization of search results for an autocomplete field in NextCloud Server <13.0.5 could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names, hence malicious search results could only be crafted by authenticated users.

CVSS3: 5.4

EPSS: Низкий

CVE-2018-3780

около 7 лет назад

A missing sanitization of search results for an autocomplete field in ...

CVSS3: 5.4

EPSS: Низкий

CVE-2018-3776

около 7 лет назад

Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.

CVSS3: 5.3

EPSS: Низкий

CVE-2018-3776

около 7 лет назад

Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0. ...

CVSS3: 5.3

EPSS: Низкий

CVE-2018-3775

около 7 лет назад

Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 Factor Authentication.

CVSS3: 8.8

EPSS: Низкий

CVE-2018-3775

около 7 лет назад

Improper Authentication in Nextcloud Server prior to version 12.0.3 wo ...

CVSS3: 8.8

EPSS: Низкий

CVE-2018-3776

около 7 лет назад

Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.

CVSS3: 5.3

EPSS: Низкий

CVE-2018-3762

больше 7 лет назад

Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it should not have access to.

CVSS3: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
openSUSE-SU-2018:2521-2 Security update for nextcloud		1% Низкий	около 7 лет назад
openSUSE-SU-2018:2510-1 Security update for nextcloud		1% Низкий	около 7 лет назад
CVE-2018-3780 A missing sanitization of search results for an autocomplete field in NextCloud Server <13.0.5 could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names, hence malicious search results could only be crafted by authenticated users.	CVSS3: 5.4	1% Низкий	около 7 лет назад
CVE-2018-3780 A missing sanitization of search results for an autocomplete field in ...	CVSS3: 5.4	1% Низкий	около 7 лет назад
CVE-2018-3776 Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.	CVSS3: 5.3	1% Низкий	около 7 лет назад
CVE-2018-3776 Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0. ...	CVSS3: 5.3	1% Низкий	около 7 лет назад
CVE-2018-3775 Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 Factor Authentication.	CVSS3: 8.8	0% Низкий	около 7 лет назад
CVE-2018-3775 Improper Authentication in Nextcloud Server prior to version 12.0.3 wo ...	CVSS3: 8.8	0% Низкий	около 7 лет назад
CVE-2018-3776 Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.	CVSS3: 5.3	1% Низкий	около 7 лет назад
CVE-2018-3762 Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it should not have access to.	CVSS3: 4.3	0% Низкий	больше 7 лет назад

Уязвимостей на страницу