10 matches found
hermes 日志信息泄露漏洞
Hermes is a workflow platform open-sourced by Automated Software Metadata Publication. A log information disclosure vulnerability exists in hermes version 0.8.1 through versions prior to 0.9.1, which stems from the hermes subcommand logging arbitrary options in raw form under the -O parameter,...
VaulTLS 安全漏洞
VaulTLS is a modern solution from Emily Ehlert Personal Developer to easily manage mTLS two-way TLS certificates. A security vulnerability exists in VaulTLS versions prior to 0.9.1 that stems from an empty password setup and API login bypass, which could lead to unauthorized access...
krail-jpa SQL注入漏洞
krail-jpa is a KrailOrg open source module for use with Krail. The module provides JPA functionality . A SQL injection vulnerability exists in krail-jpa versions prior to 0.9.1, which stems from an unknown partial impact and operates to cause SQL injection...
PT-2022-28131 · Unknown · Usememos/Memos
Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to Cross-Site Request Forgery CSRF in the GitHub repository usememos/memos. CSRF is an attack that tricks a user into performing unintended actions on a web application...
memos 跨站请求伪造漏洞
memos is an open source hosted meme center with knowledge management and social features. A cross-site request forgery vulnerability exists in memos versions prior to 0.9.1. An attacker could exploit this vulnerability to perform a cross-site request forgery attack...
memos 跨站脚本漏洞
memos is an open source hosted meme center with knowledge management and social features. A cross-site scripting vulnerability exists in versions of memos prior to 0.9.1. An attacker could exploit this vulnerability to perform cross-site scripting attacks...
memos 安全漏洞
memos is an open source hosted memo center with knowledge management and social features. A security vulnerability exists in versions of memos prior to 0.9.1, which can be exploited by an attacker to delete user resources...
memos 安全漏洞
memos is an open source hosted memo center with knowledge management and social features. A security vulnerability exists in memos versions prior to 0.9.1, which can be exploited by an attacker to assign a HOST role to a new user...
PT-2022-28107 · Unknown +1 · Usememos/Memos +1
Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue is related to an Improper Access Control vulnerability, allowing for authorization bypass through a user-controlled key. This can result in a user being able to delete others' publ...
PT-2022-28101 · Unknown · Usememos/Memos
Name of the Vulnerable Software and Affected Versions: usememos/memos versions prior to 0.9.1 Description: The issue concerns an improper verification of the source of a communication channel. This affects the usememos/memos GitHub repository. There is no information provided about the estimated...