Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
misp-project misp vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-48655
An issue exists in MISP prior to 2.4.176. app/Controller/Component/IndexFilterComponent.php does not properly filter out query parameters.
Misp-project Malware Information Sharing Platform
9.8
CVSSv3
CVE-2023-48656
An issue exists in MISP prior to 2.4.176. app/Model/AppModel.php mishandles order clauses.
Misp-project Malware Information Sharing Platform
9.8
CVSSv3
CVE-2023-48657
An issue exists in MISP prior to 2.4.176. app/Model/AppModel.php mishandles filters.
Misp-project Malware Information Sharing Platform
9.8
CVSSv3
CVE-2023-48658
An issue exists in MISP prior to 2.4.176. app/Model/AppModel.php lacks a checkParam function for alphanumerics, underscore, dash, period, and space.
Misp-project Malware Information Sharing Platform
9.8
CVSSv3
CVE-2023-48659
An issue exists in MISP prior to 2.4.176. app/Controller/AppController.php mishandles parameter parsing.
Misp-project Malware Information Sharing Platform
7.5
CVSSv3
CVE-2023-37306
MISP 2.4.172 mishandles different certificate file extensions in server sync. An attacker can obtain sensitive information because of the nature of the error messages.
Misp-project Malware Information Sharing Platform 2.4.172
5.4
CVSSv3
CVE-2023-37307
In MISP prior to 2.4.172, title_for_layout is not properly sanitized in Correlations, CorrelationExclusions, and Layouts.
Misp-project Malware Information Sharing Platform
6.1
CVSSv3
CVE-2023-28884
In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index.
Misp-project Malware Information Sharing Platform 2.4.169
6.1
CVSSv3
CVE-2023-28606
js/event-graph.js in MISP prior to 2.4.169 allows XSS via event-graph node tooltips.
Misp-project Malware Information Sharing Platform
6.1
CVSSv3
CVE-2023-28607
js/event-graph.js in MISP prior to 2.4.169 allows XSS via the event-graph relationship tooltip.
Misp-project Malware Information Sharing Platform
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »