Filtered by vendor Usememos
Subscriptions
Total
64 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22952 | 1 Usememos | 1 Memos | 2025-07-10 | 9.8 Critical |
| elestio memos v0.23.0 is vulnerable to Server-Side Request Forgery (SSRF) due to insufficient validation of user-supplied URLs, which can be exploited to perform SSRF attacks. | ||||
| CVE-2024-41659 | 1 Usememos | 1 Memos | 2025-07-10 | 8.1 High |
| memos is a privacy-first, lightweight note-taking service. A CORS misconfiguration exists in memos 0.20.1 and earlier where an arbitrary origin is reflected with Access-Control-Allow-Credentials set to true. This may allow an attacking website to make a cross-origin request, allowing the attacker to read private information or make privileged changes to the system as the vulnerable user account. This vulnerability is fixed in 0.21.0. | ||||
| CVE-2024-29030 | 1 Usememos | 1 Memos | 2025-07-07 | 5.8 Medium |
| memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /api/resource that allows authenticated users to enumerate the internal network. Version 0.22.0 of memos removes the vulnerable file. | ||||
| CVE-2024-29028 | 1 Usememos | 1 Memos | 2025-07-07 | 5.8 Medium |
| memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/httpmeta that allows unauthenticated users to enumerate the internal network and receive limited html values in json form. This vulnerability is fixed in 0.16.1. | ||||
| CVE-2022-4609 | 1 Usememos | 1 Memos | 2025-04-14 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0. | ||||
| CVE-2022-4734 | 1 Usememos | 1 Memos | 2025-04-10 | 8.1 High |
| Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4767 | 1 Usememos | 1 Memos | 2025-04-10 | 7.5 High |
| Denial of Service in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4806 | 1 Usememos | 1 Memos | 2025-04-10 | 5.3 Medium |
| Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4807 | 1 Usememos | 1 Memos | 2025-04-10 | 4.3 Medium |
| Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4808 | 1 Usememos | 1 Memos | 2025-04-10 | 8.8 High |
| Improper Privilege Management in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4809 | 1 Usememos | 1 Memos | 2025-04-10 | 8.8 High |
| Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4689 | 1 Usememos | 1 Memos | 2025-04-10 | 8.8 High |
| Improper Access Control in GitHub repository usememos/memos prior to 0.9.0. | ||||
| CVE-2022-4690 | 1 Usememos | 1 Memos | 2025-04-10 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0. | ||||
| CVE-2022-4691 | 1 Usememos | 1 Memos | 2025-04-10 | 5.4 Medium |
| Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0. | ||||
| CVE-2022-4796 | 1 Usememos | 1 Memos | 2025-04-10 | 8.1 High |
| Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4797 | 1 Usememos | 1 Memos | 2025-04-10 | 4.3 Medium |
| Improper Restriction of Excessive Authentication Attempts in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4798 | 1 Usememos | 1 Memos | 2025-04-10 | 5.3 Medium |
| Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4799 | 1 Usememos | 1 Memos | 2025-04-10 | 6.5 Medium |
| Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4800 | 1 Usememos | 1 Memos | 2025-04-10 | 6.5 Medium |
| Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1. | ||||
| CVE-2022-4801 | 1 Usememos | 1 Memos | 2025-04-10 | 5.3 Medium |
| Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1. | ||||