Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Usememos Subscribe
Filtered by product Memos
Total 58 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-25978 1 Usememos 1 Memos 2023-11-07 N/A 6.1 MEDIUM
All versions of the package github.com/usememos/memos/server are vulnerable to Cross-site Scripting (XSS) due to insufficient checks on external resources, which allows malicious actors to introduce links starting with a javascript: scheme.
CVE-2023-5036 1 Usememos 1 Memos 2023-09-19 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1.
CVE-2023-4698 1 Usememos 1 Memos 2023-09-01 N/A 7.5 HIGH
Improper Input Validation in GitHub repository usememos/memos prior to 0.13.2.
CVE-2023-4697 1 Usememos 1 Memos 2023-09-01 N/A 8.8 HIGH
Improper Privilege Management in GitHub repository usememos/memos prior to 0.13.2.
CVE-2023-4696 1 Usememos 1 Memos 2023-09-01 N/A 9.8 CRITICAL
Improper Access Control in GitHub repository usememos/memos prior to 0.13.2.
CVE-2022-4734 1 Usememos 1 Memos 2023-07-21 N/A 4.3 MEDIUM
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4811 1 Usememos 1 Memos 2023-07-21 N/A 5.4 MEDIUM
Authorization Bypass Through User-Controlled Key vulnerability in usememos usememos/memos.This issue affects usememos/memos before 0.9.1.
CVE-2022-4686 1 Usememos 1 Memos 2023-06-27 N/A 9.8 CRITICAL
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.0.
CVE-2022-4683 1 Usememos 1 Memos 2023-06-23 N/A 6.5 MEDIUM
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0.
CVE-2022-4808 1 Usememos 1 Memos 2023-06-22 N/A 8.8 HIGH
Improper Privilege Management in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4812 1 Usememos 1 Memos 2023-03-02 N/A 6.5 MEDIUM
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4806 1 Usememos 1 Memos 2023-03-02 N/A 5.3 MEDIUM
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4803 1 Usememos 1 Memos 2023-03-02 N/A 8.8 HIGH
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4799 1 Usememos 1 Memos 2023-03-02 N/A 6.5 MEDIUM
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4802 1 Usememos 1 Memos 2023-03-02 N/A 5.4 MEDIUM
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4798 1 Usememos 1 Memos 2023-03-02 N/A 5.3 MEDIUM
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2023-0112 1 Usememos 1 Memos 2023-01-12 N/A 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2023-0111 1 Usememos 1 Memos 2023-01-12 N/A 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2023-0110 1 Usememos 1 Memos 2023-01-12 N/A 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2023-0108 1 Usememos 1 Memos 2023-01-12 N/A 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.