6574 matches found
CVE-2022-4684 Improper Access Control in usememos/memos
Improper Access Control in GitHub repository usememos/memos prior to 0.9.0...
CVE-2022-4719 Business Logic Errors in ikus060/rdiffweb
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5...
CVE-2022-4720
Open Redirect vulnerability CVE-2022-4720 affects the rdiffweb project (GitHub: ikus060/rdiffweb) prior to version 2.5.5. Root cause details are not explicitly provided in the initial document beyond the classification as an Open Redirect. Impact and exploitation specifics are not enumerated in t...
CVE-2022-4721
CVE-2022-4721 affects the rdiffweb project (ikus060/rdiffweb). The issue is a lack of sanitization of characters in SSH key names, enabling special-element injection (a hyperlink injection) that could redirect victims to malicious sites. Affected versions are prior to 2.5.5. Exploitation details ...
CVE-2022-4692
CVE-2022-4692 affects usememos/memos prior to 0.9.0, with a stored XSS flaw in the application’s handling of user input (notably via its Resource component and SVG uploads). The vulnerability is documented across multiple sources (NVD/Red Hat OSV, GHSA, CNNVD, CVE lists) as a Cross-site Scripting...
CVE-2022-4687
The CVE-2022-4687 entry concerns usememos/memos prior to version 0.9.0 with an issue described as the incorrect use of privileged APIs in the GitHub repository. The vulnerability is rated HIGH (CVSS ~8.1), with potential high impact on confidentiality and integrity but no availability impact repo...
CVE-2022-4723
rdiffweb (ikus060/rdiffweb) prior to version 2.5.5 is affected by an absence of rate limiting on the resend email feature when enabling or disabling 2FA via the /prefs/mfa endpoint. This can allow resource allocation without limits, as described across multiple sources. Affected component is the ...
CVE-2022-4686
CVE-2022-4686 affects the GitHub-hosted project usememos/memos, with versions prior to 0.9.0 vulnerable to an Authorization Bypass via a user-controlled key. The root cause, as described across sources, is improper/authentication-related handling that lets an attacker bypass authorization checks....
CVE-2022-4684
CVE-2022-4684 describes an improper access control vulnerability in the GitHub repository for usememos/memos prior to version 0.9.0. The issue impacts the project’s access boundaries, allowing potential unauthorized access as indicated by the CVE description and corroborating sources. Public refe...
CVE-2022-4688 Improper Authorization in usememos/memos
Improper Authorization in GitHub repository usememos/memos prior to 0.9.0...
CVE-2022-4724 Improper Access Control in ikus060/rdiffweb
Improper Access Control in GitHub repository ikus060/rdiffweb prior to 2.5.5...
CVE-2022-4690 Cross-site Scripting (XSS) - Stored in usememos/memos
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0...
CVE-2022-4694 Cross-site Scripting (XSS) - Stored in usememos/memos
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0...
CVE-2022-4686 Authorization Bypass Through User-Controlled Key in usememos/memos
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.0...
CVE-2022-4720 Open Redirect in ikus060/rdiffweb
Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5...
CVE-2022-4691 Cross-site Scripting (XSS) - Stored in usememos/memos
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0...
CVE-2022-4722 Authentication Bypass by Primary Weakness in ikus060/rdiffweb
Authentication Bypass by Primary Weakness in GitHub repository ikus060/rdiffweb prior to 2.5.5...
CVE-2022-4692 Cross-site Scripting (XSS) - Stored in usememos/memos
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0...