| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-23944 | Nexcloud Mail app temporarily stores cleartext password in database | nextcloud | security-advisories | Low | 2.0 | 2023-02-06 19:35:31 | Deep Dive |
| CVE-2023-22471 | Nextcloud Deck vulnerable to authorization bypass | nextcloud | security-advisories | Low | 3.5 | 2023-01-14 00:34:07 | Deep Dive |
| CVE-2023-22470 | Nextcloud Deck vulnerable to uncontrolled resource consumption | nextcloud | security-advisories | Low | 3.5 | 2023-01-14 00:32:29 | Deep Dive |
| CVE-2023-22469 | Nextcloud Deck card vulnerable to data leak to unauthorized users via reference preview cache | nextcloud | security-advisories | Medium | 5.8 | 2023-01-10 20:26:27 | Deep Dive |
| CVE-2023-22473 | Passcode bypass on Talk-Android app | nextcloud | security-advisories | Low | 2.1 | 2023-01-09 14:07:15 | Deep Dive |
| CVE-2023-22472 | Nextcloud Deck Desktop Client is vulnerable to Cross-Site Request Forgery (CSRF) via malicious link | nextcloud | security-advisories | Medium | 5.3 | 2023-01-09 13:54:53 | Deep Dive |
| CVE-2022-41971 | Nextcloud Talk guests can continue to receive video streams from call after being removed from a conversation | nextcloud | security-advisories | Medium | 4.8 | 2022-12-01 20:55:46 | Deep Dive |
| CVE-2022-41970 | Nextcloud Server's disabled download shares still allow download through preview images | nextcloud | security-advisories | Low | 2.6 | 2022-12-01 20:54:37 | Deep Dive |
| CVE-2022-41969 | Nextcloud Server has no password length limit when creating a user as an administrator | nextcloud | security-advisories | Low | 2.4 | 2022-12-01 20:47:50 | Deep Dive |
| CVE-2022-41968 | Nextcloud Server's calendar name length not validated before writing to database | nextcloud | security-advisories | Low | 3.5 | 2022-12-01 20:38:47 | Deep Dive |
| CVE-2022-39346 | Missing length validation of user displayname in nextcloud server | nextcloud | security-advisories | Low | 3.5 | 2022-11-25 00:00:00 | Deep Dive |
| CVE-2022-39331 | Cross-site Scripting (XSS) in Nexcloud Desktop Client | nextcloud | security-advisories | Medium | 4.6 | 2022-11-25 00:00:00 | Deep Dive |
| CVE-2022-39332 | Cross-site scripting (XSS) in Nextcloud Desktop Client | nextcloud | security-advisories | Medium | 4.6 | 2022-11-25 00:00:00 | Deep Dive |
| CVE-2022-39333 | Cross-site scripting (XSS) in Nextcloud Desktop Client | nextcloud | security-advisories | Medium | 4.6 | 2022-11-25 00:00:00 | Deep Dive |
| CVE-2022-39334 | nextcloudcmd incorrectly trusts bad TLS certificates | nextcloud | security-advisories | Low | 3.9 | 2022-11-25 00:00:00 | Deep Dive |
| CVE-2022-39338 | Stored cross site scripting (XSS) vulnerability via Authorization Endpoint in user_oidc | nextcloud | security-advisories | Low | 3.5 | 2022-11-25 00:00:00 | Deep Dive |
| CVE-2022-39339 | Cleartext Transmission of Sensitive Information in user_oidc | nextcloud | security-advisories | Medium | 4.3 | 2022-11-25 00:00:00 | Deep Dive |
| CVE-2022-41926 | Nextcloud Talk Android broadcast incorrect permission handling | nextcloud | security-advisories | Low | 3.3 | 2022-11-25 00:00:00 | Deep Dive |
| CVE-2022-41882 | Nextcloud Desktop vulnerable to code injection via malicious link | nextcloud | security-advisories | Medium | 6.6 | 2022-11-11 00:00:00 | Deep Dive |
| CVE-2022-39330 | Database resource exhaustion for logged-in users via sharee recommendations with circles | nextcloud | security-advisories | Medium | 4.8 | 2022-10-27 00:00:00 | Deep Dive |