CVE-2023-22469

LOW Year: 2023
CVSS v3 Score
3.5
Low
Weakness Type
CWE-922
View all →

Vulnerability Description

Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. When getting the reference preview for Deck cards the user has no access to, unauthorized user could eventually get the cached data of a user that has access. There are currently no known workarounds. It is recommended that the Nextcloud app Deck is upgraded to 1.8.2.

Related Vulnerabilities

CVE-2020-10368

LOW
CVSS:3.5(Low)

Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow memory read access via a "Spectra" attack.

CWE-9222020

CVE-2024-32236

LOW
CVSS:3.5(Low)

An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via the update function in the index.php component.

CWE-9222024

CVE-2020-5008

LOW
CVSS:3.7(Low)

IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.14 stores sensitive information in GET request parameters. This may lead to information disclosure if unauthorized parti...

CWE-9222020

CVE-2021-25402

LOW
CVSS:3.3(Low)

Information Exposure vulnerability in Samsung Notes prior to version 4.2.04.27 allows attacker to access s pen latency information.

CWE-9222021

CVE-2021-25404

LOW
CVSS:3.3(Low)

Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log.

CWE-9222021

CVE-2021-25522

LOW
CVSS:3.3(Low)

Insecure storage of sensitive information vulnerability in Smart Capture prior to version 4.8.02.10 allows attacker to access victim's captured images without permission.

CWE-9222021