Vulnerabilities > B3Log
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-03 | CVE-2025-21609 | Incomplete Cleanup vulnerability in B3Log Siyuan 3.1.18 SiYuan is self-hosted, open source personal knowledge management software. | 9.1 |
| 2024-07-21 | CVE-2024-6938 | Unspecified vulnerability in B3Log Siyuan 3.1.0 A vulnerability has been found in SiYuan 3.1.0 and classified as problematic. | 5.4 |
| 2024-04-04 | CVE-2024-2692 | Unspecified vulnerability in B3Log Siyuan 3.0.3 SiYuan version 3.0.3 allows executing arbitrary commands on the server. | 9.0 |
| 2024-02-05 | CVE-2024-23049 | Command Injection vulnerability in B3Log Symphony An issue in symphony v.3.6.3 and before allows a remote attacker to execute arbitrary code via the log4j component. | 9.8 |
| 2023-02-21 | CVE-2021-32855 | Cross-site Scripting vulnerability in B3Log Vditor Vditor is a browser-side Markdown editor. | 6.1 |
| 2022-03-31 | CVE-2022-0350 | Unspecified vulnerability in B3Log Vditor Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.13. | 5.4 |
| 2022-03-14 | CVE-2022-0341 | Cross-site Scripting vulnerability in B3Log Vditor Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.12. | 5.4 |
| 2022-01-23 | CVE-2021-4103 | Unspecified vulnerability in B3Log Vditor 0.2.0/1.0.0 Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 1.0.34. | 5.4 |
| 2019-10-10 | CVE-2019-17488 | Cross-site Scripting vulnerability in B3Log Symphony b3log Symphony (aka Sym) before 3.6.0 has XSS via the HTTP User-Agent header. | 6.1 |
| 2019-07-18 | CVE-2019-13915 | Injection vulnerability in B3Log Wide b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. | 7.5 |