Information Disclosure

github.com/usememos/memos is vulnerable to information disclosure. A remote authenticated attacker is able to gain access to confidential user details via the `api/status` endpoint, which returns emai ...

Insecure Direct Object References (IDOR)

github.com/usememos/memos is vulnerable to insecure direct object references. Improper authorization due to insecure direct object references allows an attacker to trigger the `Reset` API on user's beh ...

Improper Authentication

github.com/usememos/memos is vulnerable to improper authentication. The vulnerability allows a remote attacker to use the `Reset` API on any user without consent via IDOR.

CVSS3 - CRITICAL

Cross-Site Request Forgery (CSRF)

github.com/usememos/memos is vulnerable to cross-site request forgery. An attacker is able to add new members via the `user` API by exploiting the CSRF issue.

Cross-Site Request Forgery (CSRF)

github.com/usememos/memos is vulnerable to cross-site request forgery. The vulnerability exists in an incorrectly specified destination in a communication channel which allows an attacker to change th ...

Cross-Site Request Forgery (CSRF)

github.com/usememos/memos is vulnerable to cross-site request forgery. An attacker is able to force the change of a password and/or other personal information on a user's behalf, through `shortcut` AP ...

CVE-2022-38723

Gravitee API Management before 3.15.13 allows path traversal through HTML injection.

Security Bulletin: IBM InfoSphere Information Server is affected by an information disclosure vulnerability in Kubernetes (CVE-2021-25740)

Summary: An information disclosure vulnerability in Kubernetes used by IBM InfoSphere Information Server was addressed. Vulnerability Details: CVEID: CVE-2021-25740. DESCRIPTION: Kube ...

CVSS3 - LOW

CVSS2 - LOW
