8 matches found
CVE-2023-31145
Collabora Online is a collaborative online office suite based on LibreOffice technology. This vulnerability report describes a reflected XSS vulnerability with full CSP bypass in Nextcloud installations using the recommended bundle. The vulnerability can be exploited to perform a trivial account...
CVE-2025-66208 Configuration-Dependent RCE (OS Command Injection) in richdocumentscode proxy
Collabora Online - Built-in CODE Server richdocumentscode provides a built-in server with all of the document editing features of Collabora Online. In versions prior to 25.04.702, Collabora Online has a Configuration-Dependent RCE OS Command Injection in richdocumentscode proxy. Users of Nextclou...
EUVD-2023-26626
Malicious code in bioql PyPI...
EUVD-2023-26625
Malicious code in bioql PyPI...
CVE-2023-22472
Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. It is possible to make a user send any POST request with an arbitrary body given they click on a malicious deep link on a Windows computer. e.g. in an email, chat link...
SUSE CVE-2023-39953
useroidc provides the OIDC connect user backend for Nextcloud, an open-source cloud platform. Starting in version 1.0.0 and prior to version 1.3.3, missing verification of the issuer would have allowed an attacker to perform a man-in-the-middle attack returning corrupted or known token they also...
Deck Cross-Site Request Forgery Vulnerability
Deck is a Kanban style organization tool designed for personal planning and project organization for teams, integrated with Nextcloud. Deck suffers from a cross-site request forgery vulnerability. An attacker exploiting this vulnerability could send any POST request using an arbitrary body...
Deck Information Disclosure Vulnerability
Deck is a Kanban style organization tool designed for personal planning and project organization for teams, integrated with Nextcloud. An information disclosure vulnerability exists in Deck that stems from allowing shared searches to be performed on the lookup server by default. A remote attacker...