31 matches found
CVE-2023-4697
Improper Privilege Management in GitHub repository usememos/memos prior to 0.13.2.
CVE-2023-5036
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1.
CVE-2022-4808
Improper Privilege Management in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4848
Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4863
Improper Handling of Insufficient Permissions or Privileges in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4849
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4691
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0.
CVE-2022-4806
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4839
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4841
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4687
Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.0.
CVE-2022-4803
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2024-41659
memos is a privacy-first, lightweight note-taking service. A CORS misconfiguration exists in memos 0.20.1 and earlier where an arbitrary origin is reflected with Access-Control-Allow-Credentials set to true. This may allow an attacking website to make a cross-origin request, allowing the attacker t...
CVE-2022-4734
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4804
Improper Authorization in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4798
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4799
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4809
Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4684
Improper Access Control in GitHub repository usememos/memos prior to 0.9.0.
CVE-2022-4796
Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4800
Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4813
Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4811
Authorization Bypass Through User-Controlled Key vulnerability in usememos usememos/memos.This issue affects usememos/memos before 0.9.1.
CVE-2022-4847
Incorrectly Specified Destination in a Communication Channel in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4844
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4812
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4801
Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4688
Improper Authorization in GitHub repository usememos/memos prior to 0.9.0.
CVE-2022-4807
Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4814
Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4689
Improper Access Control in GitHub repository usememos/memos prior to 0.9.0.