Nextcloud Server — набор клиент-серверных программ для создания и использования хранилища данных.

Релизный цикл, информация об уязвимостях

Продукт: Nextcloud Server

Вендор: nextcloud

График релизов

Недавние уязвимости Nextcloud Server

Количество 440

openSUSE-SU-2018:2510-1

больше 7 лет назад

Security update for nextcloud

EPSS: Низкий

openSUSE-SU-2018:2521-2

больше 7 лет назад

Security update for nextcloud

EPSS: Низкий

openSUSE-SU-2018:2521-1

больше 7 лет назад

Security update for nextcloud

EPSS: Низкий

CVE-2018-3780

больше 7 лет назад

A missing sanitization of search results for an autocomplete field in NextCloud Server <13.0.5 could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names, hence malicious search results could only be crafted by authenticated users.

CVSS3: 5.4

EPSS: Низкий

CVE-2018-3780

больше 7 лет назад

A missing sanitization of search results for an autocomplete field in ...

CVSS3: 5.4

EPSS: Низкий

CVE-2018-3776

больше 7 лет назад

Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.

CVSS3: 5.3

EPSS: Низкий

CVE-2018-3776

больше 7 лет назад

Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0. ...

CVSS3: 5.3

EPSS: Низкий

CVE-2018-3775

больше 7 лет назад

Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 Factor Authentication.

CVSS3: 8.8

EPSS: Низкий

CVE-2018-3775

больше 7 лет назад

Improper Authentication in Nextcloud Server prior to version 12.0.3 wo ...

CVSS3: 8.8

EPSS: Низкий

CVE-2018-3776

больше 7 лет назад

Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.

CVSS3: 5.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано 1
openSUSE-SU-2018:2510-1 Security update for nextcloud		1% Низкий	больше 7 лет назад
openSUSE-SU-2018:2521-2 Security update for nextcloud		1% Низкий	больше 7 лет назад
openSUSE-SU-2018:2521-1 Security update for nextcloud		1% Низкий	больше 7 лет назад
CVE-2018-3780 A missing sanitization of search results for an autocomplete field in NextCloud Server <13.0.5 could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names, hence malicious search results could only be crafted by authenticated users.	CVSS3: 5.4	1% Низкий	больше 7 лет назад
CVE-2018-3780 A missing sanitization of search results for an autocomplete field in ...	CVSS3: 5.4	1% Низкий	больше 7 лет назад
CVE-2018-3776 Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.	CVSS3: 5.3	0% Низкий	больше 7 лет назад
CVE-2018-3776 Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0. ...	CVSS3: 5.3	0% Низкий	больше 7 лет назад
CVE-2018-3775 Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 Factor Authentication.	CVSS3: 8.8	0% Низкий	больше 7 лет назад
CVE-2018-3775 Improper Authentication in Nextcloud Server prior to version 12.0.3 wo ...	CVSS3: 8.8	0% Низкий	больше 7 лет назад
CVE-2018-3776 Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log.	CVSS3: 5.3	0% Низкий	больше 7 лет назад

Уязвимостей на страницу