EUVD-2023-26626

Malicious code in bioql PyPI...

CVE-2023-22470

Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. A database error can be generated potentially causing a DoS when performed multiple times. There are currently no known workarounds. It is recommended that t...

CVE-2023-22470

CVE-2023-22470 affects Nextcloud Deck (kanban tool) used with Nextcloud. The vulnerability is a database error that can be exploited to cause a denial of service when the action is repeated; no specific exploitation steps are provided in the documents. Impact is described as potential DoS with mu...

CVE-2023-22470 Nextcloud Deck vulnerable to uncontrolled resource consumption

Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. A database error can be generated potentially causing a DoS when performed multiple times. There are currently no known workarounds. It is recommended that t...

CVE-2023-22469

CVE-2023-22469 affects Nextcloud Deck (Deck app for Nextcloud), where unauthorized users can access cached data when obtaining a reference preview for a Deck card to which they have no access. Root cause is leakage via the reference preview cache, enabling data exposure of another user’s cards. A...

CVE-2023-22472

Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. It is possible to make a user send any POST request with an arbitrary body given they click on a malicious deep link on a Windows computer. e.g. in an email, chat link...

CVE-2023-22472 Nextcloud Deck Desktop Client is vulnerable to Cross-Site Request Forgery (CSRF) via malicious link

Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. It is possible to make a user send any POST request with an arbitrary body given they click on a malicious deep link on a Windows computer. e.g. in an email, chat link...

CVE-2021-37631

Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions the Deck application didn't properly check membership of users in a Circle. This allowed other users in the instance to gain access t...

CVE-2021-37631

CVE-2021-37631 affects Nextcloud Deck. The vulnerability arises from improper checking of Circle membership, allowing non-circle members to access boards shared with a Circle. Affected software is Deck (Nextcloud integration); multiple sources (Red Hat, CNVD, OSV, CVE list, GHSA advisory) consist...