Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Usememos Security Vulnerabilities

cve
cve

CVE-2022-25978

All versions of the package github.com/usememos/memos/server are vulnerable to Cross-site Scripting (XSS) due to insufficient checks on external resources, which allows malicious actors to introduce links starting with a javascript: scheme.

6.1CVSS

5.9AI Score

0.001EPSS

2023-02-15 05:15 AM
33
cve
cve

CVE-2022-4609

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.

5.4CVSS

5.2AI Score

0.001EPSS

2022-12-19 12:15 PM
36
cve
cve

CVE-2022-4683

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0.

6.5CVSS

6.4AI Score

0.001EPSS

2022-12-23 12:15 PM
30
cve
cve

CVE-2022-4684

Improper Access Control in GitHub repository usememos/memos prior to 0.9.0.

8.8CVSS

8.6AI Score

0.001EPSS

2022-12-23 12:15 PM
39
cve
cve

CVE-2022-4686

Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.0.

9.8CVSS

9.4AI Score

0.002EPSS

2022-12-23 12:15 PM
38
cve
cve

CVE-2022-4687

Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.0.

8.1CVSS

8.1AI Score

0.001EPSS

2022-12-23 12:15 PM
39
cve
cve

CVE-2022-4688

Improper Authorization in GitHub repository usememos/memos prior to 0.9.0.

8.8CVSS

8.6AI Score

0.001EPSS

2022-12-23 12:15 PM
30
cve
cve

CVE-2022-4689

Improper Access Control in GitHub repository usememos/memos prior to 0.9.0.

8.8CVSS

8.6AI Score

0.001EPSS

2022-12-23 12:15 PM
29
cve
cve

CVE-2022-4690

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.

5.4CVSS

5.2AI Score

0.001EPSS

2022-12-23 12:15 PM
30
cve
cve

CVE-2022-4691

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.

5.4CVSS

5.2AI Score

0.001EPSS

2022-12-27 03:15 PM
36
cve
cve

CVE-2022-4692

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.

5.4CVSS

5.2AI Score

0.001EPSS

2022-12-23 08:15 PM
36
cve
cve

CVE-2022-4694

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.

5.4CVSS

5.2AI Score

0.001EPSS

2022-12-27 03:15 PM
34
cve
cve

CVE-2022-4695

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.

5.4CVSS

5.2AI Score

0.001EPSS

2022-12-27 03:15 PM
29
cve
cve

CVE-2022-4734

Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository usememos/memos prior to 0.9.1.

8.1CVSS

4.5AI Score

0.001EPSS

2022-12-27 03:15 PM
37
cve
cve

CVE-2022-4767

Denial of Service in GitHub repository usememos/memos prior to 0.9.1.

7.5CVSS

7.4AI Score

0.001EPSS

2022-12-27 03:15 PM
37
cve
cve

CVE-2022-4796

Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1.

8.1CVSS

8.1AI Score

0.001EPSS

2022-12-28 02:15 PM
37
cve
cve

CVE-2022-4797

Improper Restriction of Excessive Authentication Attempts in GitHub repository usememos/memos prior to 0.9.1.

4.3CVSS

4.6AI Score

0.001EPSS

2022-12-28 02:15 PM
49
cve
cve

CVE-2022-4798

Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.

5.3CVSS

5.2AI Score

0.001EPSS

2022-12-28 02:15 PM
42
cve
cve

CVE-2022-4799

Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.

6.5CVSS

6.4AI Score

0.001EPSS

2022-12-28 02:15 PM
39
cve
cve

CVE-2022-4800

Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1.

6.5CVSS

6.4AI Score

0.001EPSS

2022-12-28 02:15 PM
36
cve
cve

CVE-2022-4801

Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1.

5.3CVSS

5.2AI Score

0.001EPSS

2022-12-28 02:15 PM
27
cve
cve

CVE-2022-4802

Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.

5.4CVSS

5.4AI Score

0.001EPSS

2022-12-28 02:15 PM
41
cve
cve

CVE-2022-4803

Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.

8.8CVSS

8.6AI Score

0.001EPSS

2022-12-28 02:15 PM
40
cve
cve

CVE-2022-4804

Improper Authorization in GitHub repository usememos/memos prior to 0.9.1.

5.3CVSS

5.2AI Score

0.001EPSS

2022-12-28 02:15 PM
36
cve
cve

CVE-2022-4805

Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1.

4.3CVSS

4.6AI Score

0.001EPSS

2022-12-28 02:15 PM
32
cve
cve

CVE-2022-4806

Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.

5.3CVSS

5.2AI Score

0.001EPSS

2022-12-28 02:15 PM
45
cve
cve

CVE-2022-4807

Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.

4.3CVSS

4.5AI Score

0.001EPSS

2022-12-28 02:15 PM
33
cve
cve

CVE-2022-4808

Improper Privilege Management in GitHub repository usememos/memos prior to 0.9.1.

8.8CVSS

8.7AI Score

0.001EPSS

2022-12-28 02:15 PM
43
cve
cve

CVE-2022-4809

Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.

8.8CVSS

8.6AI Score

0.001EPSS

2022-12-28 02:15 PM
36
cve
cve

CVE-2022-4810

Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.

4.3CVSS

4.5AI Score

0.001EPSS

2022-12-28 02:15 PM
35
cve
cve

CVE-2022-4811

Authorization Bypass Through User-Controlled Key vulnerability in usememos usememos/memos.This issue affects usememos/memos before 0.9.1.

8.3CVSS

5.4AI Score

0.001EPSS

2022-12-28 02:15 PM
39
cve
cve

CVE-2022-4812

Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.

6.5CVSS

6.4AI Score

0.001EPSS

2022-12-28 02:15 PM
29
cve
cve

CVE-2022-4813

Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1.

4.3CVSS

4.5AI Score

0.001EPSS

2022-12-28 02:15 PM
36
cve
cve

CVE-2022-4814

Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.

4.3CVSS

4.5AI Score

0.001EPSS

2022-12-28 02:15 PM
26
cve
cve

CVE-2022-4839

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.

5.4CVSS

5.2AI Score

0.001EPSS

2022-12-29 05:15 PM
40
cve
cve

CVE-2022-4840

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.

5.4CVSS

5.2AI Score

0.001EPSS

2022-12-29 05:15 PM
34
cve
cve

CVE-2022-4841

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.

5.4CVSS

5.2AI Score

0.001EPSS

2022-12-29 05:15 PM
38
cve
cve

CVE-2022-4844

Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.

8.8CVSS

8.8AI Score

0.001EPSS

2022-12-29 06:15 PM
34
cve
cve

CVE-2022-4845

Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.

4.3CVSS

4.6AI Score

0.001EPSS

2022-12-29 06:15 PM
38
cve
cve

CVE-2022-4846

Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.

6.5CVSS

6.5AI Score

0.001EPSS

2022-12-29 06:15 PM
37
cve
cve

CVE-2022-4847

Incorrectly Specified Destination in a Communication Channel in GitHub repository usememos/memos prior to 0.9.1.

6.5CVSS

6.3AI Score

0.001EPSS

2022-12-29 06:15 PM
34
cve
cve

CVE-2022-4848

Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1.

5.7CVSS

5.5AI Score

0.001EPSS

2022-12-29 06:15 PM
46
cve
cve

CVE-2022-4849

Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.

6.5CVSS

6.5AI Score

0.001EPSS

2022-12-29 06:15 PM
45
cve
cve

CVE-2022-4850

Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.

6.5CVSS

6.5AI Score

0.001EPSS

2022-12-29 06:15 PM
47
cve
cve

CVE-2022-4851

Improper Handling of Values in GitHub repository usememos/memos prior to 0.9.1.

5.3CVSS

5.2AI Score

0.001EPSS

2022-12-29 06:15 PM
39
cve
cve

CVE-2022-4863

Improper Handling of Insufficient Permissions or Privileges in GitHub repository usememos/memos prior to 0.9.1.

6.5CVSS

6.4AI Score

0.001EPSS

2022-12-30 04:15 PM
45
cve
cve

CVE-2022-4865

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.

9CVSS

8.5AI Score

0.001EPSS

2022-12-31 09:15 AM
36
cve
cve

CVE-2022-4866

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.

9CVSS

8.5AI Score

0.001EPSS

2022-12-31 09:15 AM
60
cve
cve

CVE-2023-0106

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.

5.4CVSS

5.5AI Score

0.001EPSS

2023-01-07 04:15 AM
37
cve
cve

CVE-2023-0107

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.

5.4CVSS

5.3AI Score

0.001EPSS

2023-01-07 04:15 AM
59
Total number of security vulnerabilities62