Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
UsememosMemos

64 matches found

CVE
CVEadded 2023/01/07 4:15 a.m.50 views

CVE-2023-0112

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.

7.6CVSS5.4AI score0.0009EPSS
CVE
CVEadded 2022/12/23 12:15 p.m.49 views

CVE-2022-4690

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.

7.1CVSS5.4AI score0.0013EPSS
CVE
CVEadded 2022/12/28 2:15 p.m.49 views

CVE-2022-4812

Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.

8.6CVSS6.7AI score0.00039EPSS
CVE
CVEadded 2022/12/27 3:15 p.m.48 views

CVE-2022-4694

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.

5.7CVSS5.2AI score0.00091EPSS
CVE
CVEadded 2022/12/28 2:15 p.m.48 views

CVE-2022-4805

Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1.

7.3CVSS5AI score0.00049EPSS
CVE
CVEadded 2022/12/23 12:15 p.m.46 views

CVE-2022-4688

Improper Authorization in GitHub repository usememos/memos prior to 0.9.0.

8.8CVSS8.7AI score0.00077EPSS
CVE
CVEadded 2022/12/28 2:15 p.m.46 views

CVE-2022-4801

Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1.

8.2CVSS5.7AI score0.00088EPSS
CVE
CVEadded 2022/12/28 2:15 p.m.46 views

CVE-2022-4807

Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.

8.2CVSS5AI score0.00074EPSS
CVE
CVEadded 2024/11/15 11:15 a.m.46 views

CVE-2023-0109

A stored cross-site scripting (XSS) vulnerability was discovered in usememos/memos version 0.9.1. This vulnerability allows an attacker to upload a JavaScript file containing a malicious script and reference it in an HTML file. When the HTML file is accessed, the malicious script is executed. This ...

9.8CVSS6.8AI score0.00068EPSS
CVE
CVEadded 2022/12/28 2:15 p.m.45 views

CVE-2022-4814

Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.

8.6CVSS5AI score0.00087EPSS
CVE
CVEadded 2022/12/23 12:15 p.m.44 views

CVE-2022-4683

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0.

6.5CVSS5.3AI score0.00168EPSS
CVE
CVEadded 2023/01/07 4:15 a.m.44 views

CVE-2023-0108

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.

7.1CVSS5.4AI score0.00091EPSS
CVE
CVEadded 2022/12/23 12:15 p.m.43 views

CVE-2022-4689

Improper Access Control in GitHub repository usememos/memos prior to 0.9.0.

8.8CVSS8.6AI score0.00073EPSS
CVE
CVEadded 2024/04/19 3:15 p.m.41 views

CVE-2024-29028

memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/httpmeta that allows unauthenticated users to enumerate the internal network and receive limited html values in json form. This vulnerability is fixed in 0.16.1.

5.8CVSS5.5AI score0.00087EPSS
Total number of security vulnerabilities64