Vulnerabilities (CVE)

Filtered by vendor Nextcloud Subscribe
Filtered by product Desktop
Total 24 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-8229 1 Nextcloud 1 Desktop 2024-02-28 4.9 MEDIUM 5.5 MEDIUM
A memory leak in the OCUtil.dll library used by Nextcloud Desktop Client 2.6.4 can lead to a DoS against the host system.
CVE-2020-8189 1 Nextcloud 1 Desktop 2024-02-28 3.5 LOW 5.4 MEDIUM
A cross-site scripting error in Nextcloud Desktop client 2.6.4 allowed to present any html (including local links) when responding with invalid data on the login attempt.
CVE-2020-8230 1 Nextcloud 1 Desktop 2024-02-28 2.1 LOW 5.5 MEDIUM
A memory corruption vulnerability exists in NextCloud Desktop Client v2.6.4 where missing ASLR and DEP protections in for windows allowed to corrupt memory.
CVE-2020-8227 2 Linux, Nextcloud 2 Linux Kernel, Desktop 2024-02-28 7.1 HIGH 6.8 MEDIUM
Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory.