Lucene search
K

54 matches found

RedhatCVE
RedhatCVE
added 2025/12/09 8:27 a.m.6 views

CVE-2025-66548

Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.12.7, 1.14.4, and 1.15.1, file extension can be spoofed by using RTLO characters, tricking users into download files with a different extension th...

5.5CVSS6.8AI score0.0013EPSS
Exploits0References1
NVD
NVD
added 2025/12/05 6:15 p.m.7 views

CVE-2025-66548

Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.12.7, 1.14.4, and 1.15.1, file extension can be spoofed by using RTLO characters, tricking users into download files with a different extension th...

5.5CVSS0.0013EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/05 5:26 p.m.4 views

EUVD-2025-201466

Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.12.7, 1.14.4, and 1.15.1, file extension can be spoofed by using RTLO characters, tricking users into download files with a different extension th...

3.3CVSS6.2AI score0.0013EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/05 5:26 p.m.2 views

CVE-2025-66548 Nextcloud Deck app allows to spoof file extensions by using RTLO characters

Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.12.7, 1.14.4, and 1.15.1, file extension can be spoofed by using RTLO characters, tricking users into download files with a different extension th...

3.3CVSS6.4AI score0.0013EPSS
Exploits0References4
OSV
OSV
added 2025/12/05 5:26 p.m.4 views

CVE-2025-66548 Nextcloud Deck app allows to spoof file extensions by using RTLO characters

Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.12.7, 1.14.4, and 1.15.1, file extension can be spoofed by using RTLO characters, tricking users into download files with a different extension th...

3.3CVSS6.7AI score0.0013EPSS
Exploits0References6
Nextcloud
Nextcloud
added 2025/12/05 7:59 a.m.16 views

Deck app allows to spoof file extensions by using RTLO characters

None...

5.5CVSS5.2AI score0.0013EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/05 12:0 a.m.5 views

PT-2025-49297

Name of the Vulnerable Software and Affected Versions Nextcloud Deck versions prior to 1.12.7 Nextcloud Deck versions prior to 1.14.4 Nextcloud Deck versions prior to 1.15.1 Description Nextcloud Deck is a kanban style organization tool for personal planning and project organization integrated wi...

5.5CVSS6.5AI score0.0013EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-2748

Malware in sbrugna...

6.8CVSS6.4AI score0.02305EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2005-0587

Malware in sbrugna...

2.6CVSS6.1AI score0.00985EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2004-2521

Malware in sbrugna...

2.6CVSS6.4AI score0.02037EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2013-5018

Malware in sbrugna...

5CVSS6.1AI score0.01042EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2009-3358

Malware in sbrugna...

9.3CVSS8AI score0.03183EPSS
Exploits2References22
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2005-2406

Malware in sbrugna...

5CVSS6.4AI score0.02779EPSS
Exploits0References7
Zero Day Initiative
Zero Day Initiative
added 2024/12/11 12:0 a.m.9 views

Microsoft Edge File Extension Spoofing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Microsoft...

7.5CVSS6.6AI score0.0107EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/09/10 12:0 a.m.11 views

Microsoft Windows Internet Explorer File Extension Spoofing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet...

7.5CVSS6.7AI score0.51883EPSS
Exploits0References1
Hacker One
Hacker One
added 2024/01/19 11:44 a.m.6 views

Nextcloud: Deck app allows to spoof file extensions by using RTLO characters

The Deck app was found to allow spoofing of file extensions by using RTLO characters...

5.5CVSS6.5AI score0.0013EPSS
Exploits0
OSV
OSV
added 2023/09/24 10:16 p.m.7 views

MGASA-2023-0266 Updated firefox/thunderbird packages fix security vulnerability

Use-after-free in workers. CVE-2023-3600 File Extension Spoofing using the Text Direction Override Character. CVE-2023-3417 Offscreen Canvas could have bypassed cross-origin restrictions. CVE-2023-4045 Incorrect value used during WASM compilation. CVE-2023-4046 Potential permissions request bypas...

9.8CVSS8.9AI score0.99735EPSS
Exploits10References24
Mageia
Mageia
added 2023/09/24 10:16 p.m.58 views

Updated firefox/thunderbird packages fix security vulnerability

Use-after-free in workers. CVE-2023-3600 File Extension Spoofing using the Text Direction Override Character. CVE-2023-3417 Offscreen Canvas could have bypassed cross-origin restrictions. CVE-2023-4045 Incorrect value used during WASM compilation. CVE-2023-4046 Potential permissions request bypas...

9.8CVSS8.7AI score0.99735EPSS
Exploits10References23
Rockylinux
Rockylinux
added 2023/08/08 12:35 p.m.38 views

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. This updat...

9.8CVSS8.2AI score0.13694EPSS
Exploits1
OSV
OSV
added 2023/08/08 12:35 p.m.32 views

RLSA-2023:4499 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.14.0. Security Fixes: Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used during WASM compilation CVE-2023-4046 Mozilla:...

7.5CVSS9.6AI score0.13694EPSS
Exploits1References11
Rows per page
Query Builder