| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2021-32733 | XSS in Nextcloud Text application | nextcloud | security-advisories | Medium | 4.8 | 2021-07-12 21:05:12 | Deep Dive |
| CVE-2021-32727 | End-to-end encryption device setup did not verify public key | nextcloud | security-advisories | Medium | 5.7 | 2021-07-12 20:40:13 | Deep Dive |
| CVE-2021-32726 | Webauthn tokens not removed after user has been deleted | nextcloud | security-advisories | High | 7.1 | 2021-07-12 19:45:13 | Deep Dive |
| CVE-2021-32725 | Default share permissions not respected for federated reshares | nextcloud | security-advisories | Low | 3.5 | 2021-07-12 19:30:14 | Deep Dive |
| CVE-2021-32707 | Bypass of image blocking in Nextcloud Mail | nextcloud | security-advisories | Medium | 4.3 | 2021-07-12 19:05:13 | Deep Dive |
| CVE-2021-32689 | Nextcloud Talk not properly disassociating users from chats after account deletion | nextcloud | security-advisories | High | 8.1 | 2021-07-12 18:45:15 | Deep Dive |
| CVE-2021-32705 | Lack of ratelimit on public DAV endpoint | nextcloud | security-advisories | Medium | 5.3 | 2021-07-12 15:30:14 | Deep Dive |
| CVE-2021-32703 | Lack of ratelimit on shareinfo endpoint | nextcloud | security-advisories | Medium | 5.3 | 2021-07-12 15:25:12 | Deep Dive |
| CVE-2021-32688 | Application specific tokens can change their own scope | nextcloud | security-advisories | High | 8.8 | 2021-07-12 13:45:13 | Deep Dive |
| CVE-2021-32680 | Audit log is not properly logging unsetting of share expiration date | nextcloud | security-advisories | Low | 3.3 | 2021-07-12 13:25:16 | Deep Dive |
| CVE-2021-32679 | Filenames not escaped by default in controllers using DownloadResponse | nextcloud | security-advisories | Low | 3.5 | 2021-07-12 12:50:10 | Deep Dive |
| CVE-2021-32678 | Ratelimit not applied on OCS API responses | nextcloud | security-advisories | Low | 3.7 | 2021-07-12 12:25:11 | Deep Dive |
| CVE-2021-32694 | Malicious Android application can crash the Nextcloud Android Client | nextcloud | security-advisories | Medium | 4.1 | 2021-06-17 21:15:12 | Deep Dive |
| CVE-2021-32695 | Malicious Android app could access Shared Preferences of the Nextcloud Android client | nextcloud | security-advisories | Low | 3.9 | 2021-06-17 20:50:11 | Deep Dive |
| CVE-2021-32676 | Session Fixation in Nextcloud Talk | nextcloud | security-advisories | Medium | 6.5 | 2021-06-16 00:05:10 | Deep Dive |
| CVE-2021-22905 | Nextcloud 信息泄露漏洞 | - | Nextcloud Android App (com.nextcloud.client) | 中危 | - | 2021-06-11 15:49:39 | Deep Dive |
| CVE-2021-22906 | Nextcloud 资源管理错误漏洞 | - | Nextcloud End-to-End Encryption | 中危 | - | 2021-06-11 15:49:39 | Deep Dive |
| CVE-2021-22895 | Nextcloud 信任管理问题漏洞 | - | Nextcloud Desktop Client | 中危 | - | 2021-06-11 15:49:38 | Deep Dive |
| CVE-2021-22896 | Nextcloud Mail 访问控制错误漏洞 | - | Nextcloud Mail | 中危 | - | 2021-06-11 15:49:38 | Deep Dive |
| CVE-2021-22915 | Nextcloud server 处理逻辑错误漏洞 | - | Nextcloud Server | 超危 | - | 2021-06-11 15:49:38 | Deep Dive |