Where
-Infinity
0

Trending

Last week
Last month
Last year

Nextcloud DeckNextcloud Deck app allowed user with "Can share" permission to modify permissions of other non-owners

Risk 34
Severity
5.4
First published (updated )
CVE-2025-66557

Nextcloud DeckNextcloud Deck app allows to spoof file extensions by using RTLO characters

Risk 31
Severity
5.5
First published (updated )
CVE-2025-66548

Nextcloud DeckNextcloud Deck can access comments and attachments of deleted cards

Risk 22
Severity
4.3
First published (updated )
CVE-2024-37883

Nextcloud DeckCross-site Scripting when sending HTML as a comment in the Nextcloud Deck app

Risk 25
Severity
5.4
EPSS
0.05%
First published (updated )
CVE-2024-22213

Nextcloud DeckNextcloud Deck vulnerable to authorization bypass

Risk 22
Severity
4.3
First published (updated )
CVE-2023-22471
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Nextcloud DeckNextcloud Deck vulnerable to uncontrolled resource consumption

Risk 38
Severity
6.5
First published (updated )
CVE-2023-22470

Nextcloud DeckNextcloud Deck card vulnerable to data leak to unauthorized users via reference preview cache

Risk 33
Severity
5.8
First published (updated )
CVE-2023-22469

Nextcloud DeckError in deleting deck cards attachment reveals the full application path in Nextcloud Deck

Risk 22
Severity
4.3
First published (updated )
CVE-2022-24906

Nextcloud DeckPossibility for anyone to add a stack with existing tasks on anyone's board in Nextcloud Deck

Risk 26
Severity
5
First published (updated )
CVE-2022-29159

Nextcloud DeckMissing permission check on Deck API

Risk 60
Severity
8.1
First published (updated )
CVE-2021-39225
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Nextcloud DeckCircle can be accessed by non-Circle members in Nextcloud Deck

Risk 38
Severity
6.5
First published (updated )
CVE-2021-37631

Nextcloud DeckInfoleak

Risk 37
Severity
6.5
First published (updated )
CVE-2021-22913

Nextcloud DeckNextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability th…

Risk 22
Severity
4.3
First published (updated )
CVE-2020-8297

Nextcloud DeckImproper access control in Nextcloud Deck 0.8.0 allowed an attacker to reshare boards shared with th…

Risk 71
Severity
8
First published (updated )
CVE-2020-8182

Nextcloud DeckMissing access control in Nextcloud Deck 1.0.4 caused an insecure direct object reference allowing a…

Risk 22
Severity
4.3
First published (updated )
CVE-2020-8235
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Nextcloud DeckImproper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users…

Risk 21
Severity
4.1
First published (updated )
CVE-2020-8179

Nextcloud DeckXSS

Risk 29
Severity
4.8
First published (updated )
CVE-2019-15619

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203