Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Usememos Subscribe
Total 54 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-4803 1 Usememos 1 Memos 2023-03-01 N/A 8.8 HIGH
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4812 1 Usememos 1 Memos 2023-03-01 N/A 6.5 MEDIUM
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4806 1 Usememos 1 Memos 2023-03-01 N/A 5.3 MEDIUM
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4799 1 Usememos 1 Memos 2023-03-01 N/A 6.5 MEDIUM
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4802 1 Usememos 1 Memos 2023-03-01 N/A 5.4 MEDIUM
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4798 1 Usememos 1 Memos 2023-03-01 N/A 5.3 MEDIUM
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4811 1 Usememos 1 Memos 2023-03-01 N/A 5.4 MEDIUM
Incorrect Authorization in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-25978 1 Usememos 1 Memos 2023-02-23 N/A 6.1 MEDIUM
All versions of the package github.com/usememos/memos/server are vulnerable to Cross-site Scripting (XSS) due to insufficient checks on external resources, which allows malicious actors to introduce links starting with a javascript: scheme.
CVE-2023-0110 1 Usememos 1 Memos 2023-01-12 N/A 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2023-0112 1 Usememos 1 Memos 2023-01-12 N/A 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2023-0108 1 Usememos 1 Memos 2023-01-12 N/A 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2023-0111 1 Usememos 1 Memos 2023-01-12 N/A 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2023-0106 1 Usememos 1 Memos 2023-01-12 N/A 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2023-0107 1 Usememos 1 Memos 2023-01-12 N/A 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2022-4863 1 Usememos 1 Memos 2023-01-10 N/A 6.5 MEDIUM
Improper Handling of Insufficient Permissions or Privileges in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4866 1 Usememos 1 Memos 2023-01-06 N/A 9.0 CRITICAL
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4865 1 Usememos 1 Memos 2023-01-06 N/A 9.0 CRITICAL
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4814 1 Usememos 1 Memos 2023-01-05 N/A 4.3 MEDIUM
Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4813 1 Usememos 1 Memos 2023-01-05 N/A 4.3 MEDIUM
Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4805 1 Usememos 1 Memos 2023-01-05 N/A 4.3 MEDIUM
Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1.