Skip to main content
CVE-2022-4812 MEDIUM POC PATCH This Month

Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Memos
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-4800 MEDIUM POC PATCH This Month

Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Memos
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-4799 MEDIUM POC PATCH This Month

Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Memos
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-46172 MEDIUM POC This Month

authentik is an open-source Identity provider focused on flexibility and versatility. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Authentik
NVD GitHub
CVSS 3.1
6.4
EPSS
0.5%
CVE-2022-23544 MEDIUM POC PATCH This Month

MeterSphere is a one-stop open source continuous testing platform, covering test management, interface testing, UI testing and performance testing. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SSRF XSS Metersphere
NVD GitHub
CVSS 3.1
6.1
EPSS
1.6%
CVE-2022-4811 MEDIUM POC PATCH This Month

Authorization Bypass Through User-Controlled Key vulnerability in usememos usememos/memos.9.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Memos
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-4802 MEDIUM POC PATCH This Month

Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Memos
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-4806 MEDIUM POC PATCH This Month

Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Memos
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2022-4804 MEDIUM POC PATCH This Month

Improper Authorization in GitHub repository usememos/memos prior to 0.9.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Memos
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2022-4801 MEDIUM POC PATCH This Month

Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Memos
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-4798 MEDIUM POC PATCH This Month

Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Memos
NVD GitHub
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-3922 MEDIUM POC This Month

The Broken Link Checker WordPress plugin before 1.11.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Broken Link Checker
NVD WPScan
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-4814 MEDIUM POC PATCH This Month

Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Memos
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-4813 MEDIUM POC PATCH This Month

Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Memos
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-4810 MEDIUM POC PATCH This Month

Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Memos
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-4807 MEDIUM POC PATCH This Month

Improper Access Control in GitHub repository usememos/memos prior to 0.9.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Memos
NVD GitHub
CVSS 3.1
4.3
EPSS
0.6%
CVE-2022-4805 MEDIUM POC PATCH This Month

Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Memos
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-4797 MEDIUM POC PATCH This Month

Improper Restriction of Excessive Authentication Attempts in GitHub repository usememos/memos prior to 0.9.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Memos
NVD GitHub
CVSS 3.1
4.3
EPSS
0.7%
CVE-2022-46740 MEDIUM This Month

There is a denial of service vulnerability in the Wi-Fi module of the HUAWEI WS7100-20 Smart WiFi Router.Successful exploit could cause a denial of service (DoS) condition. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Denial Of Service Ws7100 20 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-41579 MEDIUM This Month

There is an insufficient authentication vulnerability in some Huawei band products. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei Hota Fara B19 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-46173 MEDIUM PATCH This Month

Elrond-GO is a go implementation for the Elrond Network protocol. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Elrond Go
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-3346 MEDIUM This Month

DNSSEC validation is not performed correctly. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Go Resolver
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2022-4822 MEDIUM PATCH This Month

A vulnerability, which was classified as problematic, has been found in FlatPress.lib.php of the component Setup. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

PHP XSS Flatpress
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-4821 MEDIUM PATCH This Month

A vulnerability classified as problematic was found in FlatPress. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

PHP XSS Flatpress
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-4820 MEDIUM PATCH This Month

A vulnerability classified as problematic has been found in FlatPress. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

PHP XSS Flatpress
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-4819 MEDIUM PATCH This Month

A vulnerability was found in HotCRP. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Hotcrp
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-4823 MEDIUM PATCH This Month

A vulnerability, which was classified as problematic, was found in InSTEDD Nuntium. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Nuntium
NVD GitHub VulDB
CVSS 3.1
5.9
EPSS
0.6%
CVE-2022-45874 MEDIUM This Month

Huawei Aslan Children's Watch has an improper authorization vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Huawei Aslan Al10 Firmware
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2022-23554 MEDIUM PATCH This Month

Alpine is a scaffolding library in Java. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Alpine
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-4818 MEDIUM PATCH This Month

A vulnerability was found in Talend Open Studio for MDM. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Open Studio For Mdm
NVD VulDB GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-46174 MEDIUM PATCH This Month

efs-utils is a set of Utilities for Amazon Elastic File System (EFS). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable.

Race Condition Information Disclosure Elastic Efs Utils Elastic File System Container Storage Interface Driver
NVD GitHub
CVSS 3.1
4.2
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy