Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

Critical
sequelize: GSA_kwCzR0hTQS12cWZ4LWdqOTYtM3c5Nc4AAxyK
Unsafe fall-through in getWhereConditions
Ecosystems: npm
Packages: @sequelize/core, sequelize
Source: github
Published: almost 2 years ago
Critical
sequelize: GSA_kwCzR0hTQS13cmg5LWNqdjMtMmhwd84AAxxu
Sequelize vulnerable to SQL Injection via replacements
Ecosystems: npm
Packages: sequelize
Source: github
Published: almost 2 years ago
High
apollo: GSA_kwCzR0hTQS0zNjh4LXdtbWctaHE1Y84AAxxt
Apollo has potential access control security issue in eureka
Ecosystems: maven
Packages: com.ctrip.framework.apollo:apollo
Source: github
Published: almost 2 years ago
Moderate
apollo: GSA_kwCzR0hTQS1mbXhxLXY4bWctcWgyNc4AAxxs
apollo-portal has potential CSRF issue
Ecosystems: maven
Packages: com.ctrip.framework.apollo:apollo
Source: github
Published: almost 2 years ago
Moderate
microweber: GSA_kwCzR0hTQS1tdjM3LXhybWMtaGY2NM4AAxwi
Microweber Cross-site Scripting vulnerability
Ecosystems: packagist
Packages: microweber/microweber
Source: github
Published: almost 2 years ago
Moderate
pixelfed: GSA_kwCzR0hTQS1xaDZ3LXBxNTItcXh4cc4AAxuy
Pixelfed may allow unauthorized actor to view private posts
Ecosystems: packagist
Packages: pixelfed/pixelfed
Source: github
Published: almost 2 years ago
Moderate
pixelfed: GSA_kwCzR0hTQS12anh4LWpnY3gtOWZxMs4AAxul
Pixelfed allows user enumeration via reset password functionality
Ecosystems: packagist
Packages: pixelfed/pixelfed
Source: github
Published: almost 2 years ago
Moderate
undici: GSA_kwCzR0hTQS01cjlnLXFoNm0tanhmZs4AAxq9
CRLF Injection in Nodejs ‘undici’ via host
Ecosystems: npm
Packages: undici
Source: github
Published: almost 2 years ago
High
undici: GSA_kwCzR0hTQS1yNmNoLW1xZjktcWM5d84AAxq-
Regular Expression Denial of Service in Headers
Ecosystems: npm
Packages: undici
Source: github
Published: almost 2 years ago
Moderate
sequelize: GSA_kwCzR0hTQS04YzI1LWYzbWotdjZoOM4AAxqp
Sequelize information disclosure vulnerability
Ecosystems: npm
Packages: @sequelize/core, sequelize
Source: github
Published: almost 2 years ago
Critical
sequelize: GSA_kwCzR0hTQS04bXdxLW1qNzMtcXY2OM4AAxqm
Duplicate advisory: Sequelize vulnerable to Improper Filtering of Special Elements
Ecosystems: npm
Packages: sequelize, @sequelize/core
Source: github
Published: almost 2 years ago
High
Kiwi: GSA_kwCzR0hTQS03OTY4LWg0bTQtZ2htOc4AAxpr
No protection against brute-force attacks on login page
Ecosystems: pypi
Packages: kiwitcms
Source: github
Published: almost 2 years ago
High
Kiwi: GSA_kwCzR0hTQS03ajloLTNqeGYtM3ZyZs4AAxpq
Denial of service vulnerability on Password reset page
Ecosystems: pypi
Packages: kiwitcms
Source: github
Published: almost 2 years ago
Moderate
memos: GSA_kwCzR0hTQS05dzh4LTVodjUtcjZnd84AAxpQ
Cross Site Scripting in usememos/memos
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: almost 2 years ago
Moderate
react-admin: GSA_kwCzR0hTQS01amNyLTgyZmgtMzM5ds4AAxmS
Cross-Site-Scripting attack on `<RichTextField>`
Ecosystems: npm
Packages: ra-ui-materialui, react-admin
Source: github
Published: almost 2 years ago
Moderate
formula: GSA_kwCzR0hTQS1jMmpjLTRmcHItNHZoZ84AAxfy
@sideway/formula contains Regular Expression Denial of Service (ReDoS) Vulnerability
Ecosystems: npm
Packages: @sideway/formula
Source: github
Published: almost 2 years ago
Moderate
wallabag: GSA_kwCzR0hTQS0ycXhwLXhteDYtY3E0Zs4AAxel
Cross-Site Request Forgery (CSRF) in wallabag/wallabag
Ecosystems: packagist
Packages: wallabag/wallabag
Source: github
Published: almost 2 years ago
Moderate
wallabag: GSA_kwCzR0hTQS0zeDJjLTg3Y3EtcXg0Oc4AAxei
Cross-site Scripting (XSS) in wallabag/wallabag
Ecosystems: packagist
Packages: wallabag/wallabag
Source: github
Published: almost 2 years ago
Low
tokio: GSA_kwCzR0hTQS00cTgzLTdjcTQtcDZ3Z84AAxat
`tokio::io::ReadHalf<T>::unsplit` is Unsound
Ecosystems: cargo
Packages: tokio
Source: github
Published: almost 2 years ago
Moderate
wallabag: GSA_kwCzR0hTQS1tcnF4LW1qYzQtdmZoM84AAxYc
wallabag subject to Improper Authorization via annotations
Ecosystems: packagist
Packages: wallabag/wallabag
Source: github
Published: almost 2 years ago
Moderate
wallabag: GSA_kwCzR0hTQS1xd3g4LW14eHgtbWc5Ns4AAxYb
wallabag contains Improper Authorization via export feature
Ecosystems: packagist
Packages: wallabag/wallabag
Source: github
Published: almost 2 years ago
Moderate
wallabag: GSA_kwCzR0hTQS1oNDVmLXJqdnctMnJ2Ms4AAxUc
Withdrawn: wallabag subject to Improper Authorization
Ecosystems: packagist
Packages: wallabag/wallabag
Source: github
Published: almost 2 years ago
Moderate
wallabag: GSA_kwCzR0hTQS14cnczLXdxcGgtM2Z4Z84AAxUd
Withdrawn: wallabag subject to Improper Authorization via annotations
Ecosystems: packagist
Packages: wallabag/wallabag
Source: github
Published: almost 2 years ago
Moderate
microweber: GSA_kwCzR0hTQS1wajk3LXI4M3Ytdmo3Zs4AAxT0
Microweber contains Cross-site Scripting
Ecosystems: packagist
Packages: microweber/microweber
Source: github
Published: almost 2 years ago
High
parse-server: GSA_kwCzR0hTQS12bTVyLWM4N3ItcGY2eM4AAxTe
Parse Server option `masterKeyIps` vulnerability to IP spoofing
Ecosystems: npm
Packages: parse-server
Source: github
Published: almost 2 years ago
High
magento-lts: GSA_kwCzR0hTQS1oNjMyLXA3NjQtcGpxbc4AAxOZ
DataFlow upload remote code execution vulnerability
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: almost 2 years ago
High
magento-lts: GSA_kwCzR0hTQS01ajJnLTNwaDQtcmd2bc4AAxOY
Fix for authenticated remote code execution through layout update
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: almost 2 years ago
Moderate
magento-lts: GSA_kwCzR0hTQS0zcDczLW1tN3YtNGY2bc4AAxOW
DoS vulnerability in MaliciousCode filter
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: almost 2 years ago
High
magento-lts: GSA_kwCzR0hTQS01dnB2LXhtY2otOXE4Nc4AAxOV
Fix for arbitrary file deletion in customer media allows for remote code execution
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: almost 2 years ago
High
magento-lts: GSA_kwCzR0hTQS1jOXEzLXI0cnYtbWptN84AAxOU
Fix for arbitrary command execution in custom layout update through blocks
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: almost 2 years ago
Moderate
magento-lts: GSA_kwCzR0hTQS1yM2M5LTlqNXEtcHd2NM4AAxJH
magento-lts Reset Password not protected against well-timed CSRF
Ecosystems: packagist
Packages: openmage/magento-lts
Source: github
Published: almost 2 years ago
Moderate
commonmarker: GSA_kwCzR0hTQS02MzZmLXhtNWotcGo5bc4AAxIx
Several quadratic complexity bugs may lead to denial of service in Commonmarker
Ecosystems: rubygems
Packages: commonmarker
Source: github
Published: almost 2 years ago
High
ua-parser-js: GSA_kwCzR0hTQS1maGc3LW04OXEtMjVyM84AAxIw
ReDoS Vulnerability in ua-parser-js version
Ecosystems: npm
Packages: ua-parser-js
Source: github
Published: almost 2 years ago
Moderate
sonic: GSA_kwCzR0hTQS0yeDQ4LXA2Y3EtNXhjd84AAxHY
Path Traversal in github.com/go-sonic/sonic
Ecosystems: go
Packages: github.com/go-sonic/sonic
Source: github
Published: almost 2 years ago
High
yii2-gii: GSA_kwCzR0hTQS0zbXBnLXEyNmotODNqNc4AAxHH
Command injection in yiisoft/yii2-gii
Ecosystems: packagist
Packages: yiisoft/yii2-gii
Source: github
Published: almost 2 years ago
Moderate
libgit2: GSA_kwCzR0hTQS1tNGNoLXJmdjUteDVnM84AAxHC
git2-rs fails to verify SSH keys by default
Ecosystems: cargo
Packages: git2, libgit2-sys
Source: github
Published: almost 2 years ago
Critical
electerm: GSA_kwCzR0hTQS14NzN3LWc4aHgtdjdycM4AAxGk
Code injection in electerm
Ecosystems: npm
Packages: electerm
Source: github
Published: almost 2 years ago
High
RSSHub: GSA_kwCzR0hTQS02NHdwLWpoOXAtNWNnMs4AAw6f
RSSHub SSRF vulnerability
Ecosystems: npm
Packages: rsshub
Source: github
Published: almost 2 years ago
Low
framework: GSA_kwCzR0hTQS1ocGgzLWh2M2MtNzcyNc4AAw3b
Any Flarum user including unactivated can reply in public discussions whose first post was permanently deleted
Ecosystems: packagist
Packages: flarum/core
Source: github
Published: almost 2 years ago
Moderate
framework: GSA_kwCzR0hTQS04Z2NnLXZ3bXctcnhqNM4AAw3a
Flarum notifications can leak restricted content
Ecosystems: packagist
Packages: flarum/core
Source: github
Published: almost 2 years ago
High
framework: GSA_kwCzR0hTQS0yMm05LW0zd3ctNTNoM84AAw3Z
Flarum post mentions can be used to read any post on the forum without access control
Ecosystems: packagist
Packages: flarum/mentions
Source: github
Published: almost 2 years ago
High
node-convict: GSA_kwCzR0hTQS00anJtLWMzMngtdzRqZs4AAw3Y
convict vulnerable to Prototype Pollution
Ecosystems: npm
Packages: convict
Source: github
Published: almost 2 years ago
High
debug: GSA_kwCzR0hTQS05dnZ3LWNjOXctZjI3aM4AAw0l
debug Inefficient Regular Expression Complexity vulnerability
Ecosystems: npm
Packages: debug
Source: github
Published: almost 2 years ago
Moderate
memos: GSA_kwCzR0hTQS04Njg2LTRjcjMtNzZ3as4AAwyw
usememos/memos vulnerable to stored Cross-site Scripting
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: almost 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1wY3ZoLXB4MnAtdm14d84AAwyz
usememos/memos vulnerable to stored Cross-site Scripting
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: almost 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1oMnBoLTlyNzYtMzd2Nc4AAwyv
usememos/memos vulnerable to stored Cross-site Scripting
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: almost 2 years ago
Moderate
memos: GSA_kwCzR0hTQS05aDd4LTlwbWgtN2dnOM4AAwyu
usememos/memos vulnerable to stored Cross-site Scripting
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: almost 2 years ago
Moderate
memos: GSA_kwCzR0hTQS14MjJ2LXFnbTItN3FjN84AAwyx
usememos/memos vulnerable to stored Cross-site Scripting
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: almost 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1mcGpjLWN4cjYtdzZoOM4AAwyy
usememos/memos vulnerable to stored Cross-site Scripting
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: almost 2 years ago
Moderate
tokio: GSA_kwCzR0hTQS03cnJqLXhyNTMtODJwN84AAwyk
Tokio reject_remote_clients configuration may get dropped when creating a Windows named pipe
Ecosystems: cargo
Packages: tokio
Source: github
Published: almost 2 years ago
Critical
memos: GSA_kwCzR0hTQS04dzVxLTVmcHEtdjRwbc4AAwrb
usememos/memos Cross-site Scripting vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Critical
memos: GSA_kwCzR0hTQS14OXA5LXYzeDYtNjhtcc4AAwra
usememos/memos vulnerable to Cross-site Scripting
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS02d2hqLThnOWctNWp2eM4AAwqm
usememos/memos vulnerable to Improper Handling of Insufficient Permissions or Privileges
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1jd3JtLTMzcXEtNHcyeM4AAwp6
usememos/memos Cross-Site Request Forgery vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS12aDQzLWNjNngtcHJwcs4AAwqF
usememos/memos vulnerable to Improper Verification of Source of a Communication Channel
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1jNWhxLTM1aDctcjl4NM4AAwqA
usememos/memos Cross-Site Request Forgery vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1wd2hyLXA2OHctMjk2eM4AAwqE
usememos/memos vulnerable to stored Cross-site Scripting
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
High
memos: GSA_kwCzR0hTQS01anFwLXdtaGotZzMzZs4AAwqB
usememos/memos Cross-Site Request Forgery vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1ybWh4LTloNWgtM3hoM84AAwqC
usememos/memos vulnerable to stored Cross-site Scripting
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1neHFmLTRnNHAtcTNoY84AAwqD
usememos/memos vulnerable to stored Cross-site Scripting
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1ndzltLTJtNXYtYzZ4Nc4AAwp7
usememos/memos Cross-Site Request Forgery vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS02NDJxLTJxNjgtOWozcM4AAwp-
usememos/memos Cross-Site Request Forgery vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1yN2hnLTJjcHAtOHdxcc4AAwp_
usememos/memos has Incorrectly Specified Destination in a Communication Channel
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS00MnEyLW01NGYtamg5Nc4AAwp8
sememos/memos vulnerable to Improper Handling of Values
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1tNXByLXdtNnEteDRnMs4AAwpL
usememos/memos vulnerable to Comparison of Object References Instead of Object Contents
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1nZmo0LXdnODktbTIycs4AAwo7
usememos/memos Improper Access Control vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS02Zng5LTI5eDItZm1mas4AAwpG
usememos/memos Improper Access Control vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
High
memos: GSA_kwCzR0hTQS1yM3AzLTVmMzUtaDZtZs4AAwpF
usememos/memos Improper Privilege Management vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1oYzVxLTI2aDgtcjl3Zs4AAwo6
usememos/memos Improper Authorization vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1tcTVxLWdwZ3YtcHd4d84AAwpH
usememos/memos Incorrect Use of Privileged APIs vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS03cXB3LTJqOW0tcnc4Y84AAwpJ
usememos/memos has Insufficient Granularity of Access Control
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1xZjlxLTN3d3gtOHFqds4AAwpE
usememos/memos Improper Access Control vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
High
memos: GSA_kwCzR0hTQS02dzV3LXd4OHctMmNxOc4AAwpK
usememos/memos Improper Access Control vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1wcDNwLTZqamgtcm1nN84AAwpC
usememos/memos Improper Access Control vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1mODNwLXBnODYtcDkyMs4AAwpB
usememos/memos has Insufficient Granularity of Access Control
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1tZnZxLW0zamotODg2NM4AAwo8
usememos/memos vulnerable to Improper Verification of Source of a Communication Channel
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1xY2Y1LW0yYzYtODlmMs4AAwo_
usememos/memos Improper Authorization vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
High
memos: GSA_kwCzR0hTQS1tZm1wLThtcWctcTR3bc4AAwpD
usememos/memos Improper Access Control vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1yeDJtLXhyNHgtNTRoaM4AAwpA
usememos/memos vulnerable to Improper Authorization
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1xdzM2LXJ3NXEtZ3hjcc4AAwpI
usememos/memos Improper Authorization vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1qdnE4LXc3cXYtaHFwNs4AAwo-
usememos/memos Improper Authentication vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
High
memos: GSA_kwCzR0hTQS1naHgyLTZ2NGctOXdtbc4AAwo5
usememos/memos makes Incorrect Use of Privileged APIs
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1xcnJmLXh2Y2YtcDY0cc4AAwo9
usememos/memos vulnerable Improper Restriction of Excessive Authentication Attempts
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
High
microweber: GSA_kwCzR0hTQS04aDQzLXhnNWctOWNqN84AAwnh
Microweber vulnerable to unrestricted malicious uploads
Ecosystems: packagist
Packages: microweber/microweber
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS12OTJwLXBobXAteGZmcs4AAwno
usememos/memos vulnerable to stored Cross-site Scripting
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1jMnY0LThyOWctZzV4as4AAwnt
usememos/memos vulnerable to stored Cross-site Scripting
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS05N3JjLW1tNWotZjZyas4AAwnr
usememos/memos vulnerable to stored Cross-site Scripting
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1qNTkzLWg1djMtNDV4Ns4AAwny
usememos/memos may leak user information to an authenticated user
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
High
memos: GSA_kwCzR0hTQS0zM204LWY0aHctd20zcc4AAwne
usememos/memos Denial of Service vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
High
markdown-it: GSA_kwCzR0hTQS1qNXA3LWpmNHEtNzQycc4AAwnP
markdown-it vulnerable to Inefficient Regular Expression Complexity
Ecosystems: npm
Packages: markdown-it
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1mNTUyLTk3cXgtYzY5NM4AAwk8
usememos/memos vulnerable to stored Cross-site Scripting
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Critical
framework: GSA_kwCzR0hTQS1wNHFyLXZxMmctMjJ3cM4AAwkn
ThinkPHP Framework vulnerable to remote code execution
Ecosystems: packagist
Packages: topthink/framework
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1xY3cyLTQ5MnYtNTd4as4AAwkV
usememos/memos missing Secure cookie attribute
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
High
memos: GSA_kwCzR0hTQS1mdjZjLXJmZzMtZ3Zqd84AAwkU
usememos/memos makes Incorrect Use of Privileged APIs
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
High
memos: GSA_kwCzR0hTQS1xcjUyLTU5cjYtNDlmNM4AAwkX
usememos/memos Improper Access Control vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
High
memos: GSA_kwCzR0hTQS13NTd2LTZ4cDQtcm0yds4AAwkT
usememos/memos vulnerable to account takeover due to improper access control
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS05djQ4LTJoNXgtZnZwbc4AAwkS
usememos/memos vulnerable to improper access control
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Critical
memos: GSA_kwCzR0hTQS02OGd3LXIyeDUtN3I1cs4AAwkY
usememos/memos Authorization Bypass Through User-Controlled Key vulnerability
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
High
memos: GSA_kwCzR0hTQS12d2c0LTg0NngtZjk0ds4AAwkW
usememos/memos vulnerable to improper authorization
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago
Moderate
memos: GSA_kwCzR0hTQS1jOGpoLXZjamgtZngyd84AAwkR
usememos/memos vulnerable to stored cross-site scripting (XSS)
Ecosystems: go
Packages: github.com/usememos/memos
Source: github
Published: about 2 years ago