Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nextcloud deck vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2019-15619
Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud Deck 0.6.5 causes an XSS when linking them with each others in a project.
Nextcloud Deck
Nextcloud Nextcloud Server
Nextcloud Talk
4.3
CVSSv2
CVE-2021-22913
Nextcloud Deck prior to 1.2.7, 1.4.1 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only the local Nextcloud server unless a global search has been explicitly chosen by the user.
Nextcloud Deck
4
CVSSv2
CVE-2022-24906
Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. The full path of the application is exposed to unauthorized users. It is recommended that the Nextcloud Deck app is upgraded to 1.2.11, 1.4.6, or 1.5.4. There is no workaroun...
Nextcloud Deck
4
CVSSv2
CVE-2020-8297
Nextcloud Deck prior to 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability that permits users with a duplicate user identifier to access deck data of a previous deleted user.
Nextcloud Deck
NA
CVE-2024-22213
Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions users could be tricked into executing malicious code that would execute in their browser via HTML sent as a comment. It is recomm...
Nextcloud Deck
5.5
CVSSv2
CVE-2021-39225
Nextcloud is an open-source, self-hosted productivity platform. A missing permission check in Nextcloud Deck prior to 1.2.9, 1.4.5 and 1.5.3 allows another authenticated users to access Deck cards of another user. It is recommended that the Nextcloud Deck App is upgraded to 1.2.9...
Nextcloud Deck
4
CVSSv2
CVE-2021-37631
Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions the Deck application didn't properly check membership of users in a Circle. This allowed other users in the ins...
Nextcloud Deck
4
CVSSv2
CVE-2020-8179
Improper access control in Nextcloud Deck 1.0.0 allowed an malicious user to inject tasks into other users decks.
Nextcloud Deck
4
CVSSv2
CVE-2022-29159
Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud. In versions before 1.4.8, 1.5.6, and 1.6.1, an authenticated user can move stacks with cards from their own board to a board of another user. The Nextcloud Deck app contains a patch for this is...
Nextcloud Deck
NA
CVE-2023-22469
Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. When getting the reference preview for Deck cards the user has no access to, unauthorized user could eventually get the cached data of a user that has...
Nextcloud Deck
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »