Every CVE whose affected-product data names Nextcloud Deck, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (17)
CVE-2021-39225 — CVSS 8.1 (high): Nextcloud is an open-source, self-hosted productivity platform. A missing permission check in Nextcloud Deck before 1.2.9, 1.4.5 and 1.5.3…
CVE-2020-8182 — CVSS 8.0 (high): Improper access control in Nextcloud Deck 0.8.0 allowed an attacker to reshare boards shared with them with more permissions than they had…
CVE-2021-22913 — CVSS 6.5 (medium): Nextcloud Deck before 1.2.7, 1.4.1 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server…
CVE-2021-37631 — CVSS 6.5 (medium): Deck is an open source kanban style organization tool aimed at personal planning and project organization for teams integrated with…
CVE-2023-22469 — CVSS 5.8 (medium): Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. When…
CVE-2025-66557 — CVSS 5.4 (medium): Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud…
CVE-2022-29159 — CVSS 5.0 (medium): Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud. In versions prior to 1.4.8, 1.5.6, and 1.6.1, an…
CVE-2019-15619 — CVSS 4.8 (medium): Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud…
CVE-2020-8235 — CVSS 4.3 (medium): Missing access control in Nextcloud Deck 1.0.4 caused an insecure direct object reference allowing an attacker to view all attachments.
CVE-2024-37883 — CVSS 4.3 (medium): Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud…
CVE-2020-8297 — CVSS 4.3 (medium): Nextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability that permits users with a duplicate user…
CVE-2020-8179 — CVSS 4.1 (medium): Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks.
CVE-2023-22471 — CVSS 3.5 (low): Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Broken…
CVE-2023-22470 — CVSS 3.5 (low): Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud…
CVE-2022-24906 — CVSS 3.5 (low): Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. The full path of the application is…
CVE-2025-66548 — CVSS 3.3 (low): Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud…
CVE-2024-22213 — CVSS 0.0 (none): Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In…