CVE-2022-4760

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

CVE-2022-4627

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

ipsi.hytu.ac.kr Cross Site Scripting vulnerability OBB-3127996

Following the coordinated and responsible vulnerability disclosure guidelines of the **ISO 29147** standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. not ...

Information Disclosure

github.com/usememos/memos is vulnerable to information disclosure. A remote authenticated attacker is able to view any content from private memos from other users via the API.

Information Disclosure

github.com/usememos/memos is vulnerable to information disclosure. An attacker is able to make a private memo into a public memo in order to view it using the memo ID via making a PATCH request to `/a ...

Privilege Escalation

github.com/usememos/memos is vulnerable to privilege escalation. An authenticated user is able to delete all notes of the whole application via the `DELETE` API.

Cross-Site Request Forgery (CSRF)

github.com/usememos/memos is vulnerable to cross-site request forgery. An attacker is able to add new members with any role, via the `user` API, which allows the attacker to take over memos application ...

Cross-Site Request Forgery (CSRF)

github.com/usememos/memos is vulnerable to cross-site request forgery. An attacker is able to send a malicious link via the `memo` API to the victim and when they click on it, any thoughts will be add ...
