Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud deck vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2024-22213
Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions users could be tricked into executing malicious code that would execute in their browser via HTML sent as a comment. It is recomm...
Nextcloud Deck
6.5
CVSSv3
CVE-2023-22470
Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. A database error can be generated potentially causing a DoS when performed multiple times. There are currently no known workarounds. It is r...
Nextcloud Deck
4.3
CVSSv3
CVE-2023-22471
Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Broken access control allows a user to delete attachments of other users. There are currently no known workarounds. It is recommended that the Nextclo...
Nextcloud Deck
3.5
CVSSv3
CVE-2023-22469
Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. When getting the reference preview for Deck cards the user has no access to, unauthorized user could eventually get the cached data of a user that has...
Nextcloud Deck
8.8
CVSSv3
CVE-2023-22472
Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. It is possible to make a user send any POST request with an arbitrary body given they click on a malicious deep link on a Windows computer. (e.g. in a...
Nextcloud Desktop 3.6.1
4.3
CVSSv3
CVE-2022-29159
Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud. In versions before 1.4.8, 1.5.6, and 1.6.1, an authenticated user can move stacks with cards from their own board to a board of another user. The Nextcloud Deck app contains a patch for this is...
Nextcloud Deck
4.3
CVSSv3
CVE-2022-24906
Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. The full path of the application is exposed to unauthorized users. It is recommended that the Nextcloud Deck app is upgraded to 1.2.11, 1.4.6, or 1.5.4. There is no workaroun...
Nextcloud Deck
6.1
CVSSv3
CVE-2022-24887
Nextcloud Talk is a video and audio conferencing app for Nextcloud, a self-hosted productivity platform. Prior to versions 11.3.4, 12.2.2, and 13.0.0, when sharing a Deck card in conversation, the metaData can be manipulated so users can be tricked into opening arbitrary URLs. Th...
Nextcloud Talk
Nextcloud Talk 13.0.0
8.1
CVSSv3
CVE-2021-39225
Nextcloud is an open-source, self-hosted productivity platform. A missing permission check in Nextcloud Deck prior to 1.2.9, 1.4.5 and 1.5.3 allows another authenticated users to access Deck cards of another user. It is recommended that the Nextcloud Deck App is upgraded to 1.2.9...
Nextcloud Deck
6.5
CVSSv3
CVE-2021-37631
Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions the Deck application didn't properly check membership of users in a Circle. This allowed other users in the ins...
Nextcloud Deck
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »