Lucene search
+L

506 matches found

RedhatCVE
RedhatCVE
added 2025/12/09 12:11 a.m.5 views

CVE-2025-65799

A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal...

4.3CVSS7.1AI score0.00185EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/09 12:11 a.m.4 views

CVE-2025-65798

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users...

5.4CVSS6.9AI score0.00156EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/08 6:30 p.m.7 views

EUVD-2025-201723

Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a crafted request...

7.5CVSS6.3AI score0.00223EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2025/12/08 6:30 p.m.9 views

memos vulnerability allows arbitrarily modification or deletion registered identity providers

Incorrect access control in the Identity Provider service of usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete registered identity providers, leading to an account takeover or Denial of Service DoS...

6.5CVSS6.9AI score0.00245EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2025/12/08 6:30 p.m.5 views

GHSA-MG56-WC4Q-RW4W memos vulnerability allows the creation of arbitrary accounts

Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a crafted request...

7.5CVSS6.8AI score0.00223EPSS
Exploits1References8
EUVD
EUVD
added 2025/12/08 6:30 p.m.5 views

EUVD-2025-201726

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users...

5.4CVSS6.4AI score0.00156EPSS
Exploits1References5
EUVD
EUVD
added 2025/12/08 6:30 p.m.6 views

EUVD-2025-201725

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...

4.3CVSS6.4AI score0.00173EPSS
Exploits1References5
OSV
OSV
added 2025/12/08 6:30 p.m.6 views

GHSA-8JCJ-G9F4-QX42 memos vulnerability allows arbitrarily reactions deletion

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...

4.3CVSS6.8AI score0.00173EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2025/12/08 12:0 a.m.2 views

CVE-2025-65798

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users...

6.5AI score0.00156EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/08 12:0 a.m.2 views

CVE-2025-65796

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...

6.5AI score0.00173EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.7 views

PT-2025-49565

Name of the Vulnerable Software and Affected Versions usememos memos version 0.25.2 Description An access control issue exists in usememos memos version 0.25.2. Attackers with limited privileges can delete reactions created by other users on Memos. The issue involves insufficient restrictions on...

4.3CVSS6.5AI score0.00173EPSS
Exploits1References9
OSV
OSV
added 2025/12/08 12:0 a.m.6 views

CVE-2025-65796

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...

4.3CVSS6.8AI score0.00173EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/08 12:0 a.m.33 views

CVE-2025-65796

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily delete reactions made to other users' Memos...

0.00173EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/08 12:0 a.m.30 views

CVE-2025-65799

A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal...

0.00185EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/08 12:0 a.m.30 views

CVE-2025-65795

Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a crafted request...

0.00223EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/08 12:0 a.m.25 views

CVE-2025-65798

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete attachments made by other users...

0.00156EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.5 views

PT-2025-49567

Name of the Vulnerable Software and Affected Versions usememos memos version 0.25.2 Description A flaw in access control within usememos memos allows attackers with limited privileges to improperly change or remove attachments uploaded by other users. The issue involves insufficient restrictions ...

5.4CVSS6.4AI score0.00156EPSS
Exploits1References9
EUVD
EUVD
added 2025/12/08 12:0 a.m.7 views

EUVD-2025-201722

Incorrect access control in the Identity Provider service of usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify or delete registered identity providers, leading to an account takeover or Denial of Service DoS...

6.5CVSS6.4AI score0.00245EPSS
Exploits1References5
OSV
OSV
added 2025/12/08 12:0 a.m.10 views

CVE-2025-65795

Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a crafted request...

7.5CVSS6.8AI score0.00223EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/08 12:0 a.m.5 views

CVE-2025-65799

A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal...

6.7AI score0.00185EPSS
Exploits1References3
Rows per page
Query Builder