Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-8227 | 2 Linux, Nextcloud | 2 Linux Kernel, Desktop | 2022-09-27 | 7.1 HIGH | 6.8 MEDIUM |
| Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory. | |||||
| CVE-2020-8229 | 1 Nextcloud | 1 Desktop | 2022-09-27 | 4.9 MEDIUM | 5.5 MEDIUM |
| A memory leak in the OCUtil.dll library used by Nextcloud Desktop Client 2.6.4 can lead to a DoS against the host system. | |||||
| CVE-2020-8230 | 1 Nextcloud | 1 Desktop | 2022-09-27 | 2.1 LOW | 5.5 MEDIUM |
| A memory corruption vulnerability exists in NextCloud Desktop Client v2.6.4 where missing ASLR and DEP protections in for windows allowed to corrupt memory. | |||||
| CVE-2021-22895 | 2 Debian, Nextcloud | 2 Debian Linux, Desktop | 2021-12-02 | 4.3 MEDIUM | 5.9 MEDIUM |
| Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow. | |||||