Total
58 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-4813 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 4.3 MEDIUM |
Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2023-0111 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 5.4 MEDIUM |
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | |||||
CVE-2022-4839 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 5.4 MEDIUM |
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4691 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 5.4 MEDIUM |
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0. | |||||
CVE-2022-4690 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 5.4 MEDIUM |
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0. | |||||
CVE-2022-4849 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 6.5 MEDIUM |
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4796 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 8.1 HIGH |
Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4806 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 5.3 MEDIUM |
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4688 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 8.8 HIGH |
Improper Authorization in GitHub repository usememos/memos prior to 0.9.0. | |||||
CVE-2022-4799 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 6.5 MEDIUM |
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2023-0110 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 5.4 MEDIUM |
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | |||||
CVE-2022-4807 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 4.3 MEDIUM |
Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4863 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 6.5 MEDIUM |
Improper Handling of Insufficient Permissions or Privileges in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4802 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 5.4 MEDIUM |
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4804 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 5.3 MEDIUM |
Improper Authorization in GitHub repository usememos/memos prior to 0.9.1. | |||||
CVE-2022-4692 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 5.4 MEDIUM |
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0. | |||||
CVE-2022-25978 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 6.1 MEDIUM |
All versions of the package github.com/usememos/memos/server are vulnerable to Cross-site Scripting (XSS) due to insufficient checks on external resources, which allows malicious actors to introduce links starting with a javascript: scheme. | |||||
CVE-2022-4865 | 1 Usememos | 1 Memos | 2023-12-10 | N/A | 9.0 CRITICAL |
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1. |