Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
misp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-42724
app/Controller/UsersController.php in MISP prior to 2.4.164 allows malicious users to discover role names (this is information that only the site admin should have).
Misp-project Malware Information Sharing Platform
4.3
CVSSv2
CVE-2015-5720
Multiple cross-site scripting (XSS) vulnerabilities in the template-creation feature in Malware Information Sharing Platform (MISP) prior to 2.3.90 allow remote malicious users to inject arbitrary web script or HTML via vectors involving (1) add.ctp, (2) edit.ctp, and (3) ajaxifi...
Misp-project Malware Information Sharing Platform
NA
CVE-2023-37306
MISP 2.4.172 mishandles different certificate file extensions in server sync. An attacker can obtain sensitive information because of the nature of the error messages.
Misp-project Malware Information Sharing Platform 2.4.172
NA
CVE-2023-28884
In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index.
Misp-project Malware Information Sharing Platform 2.4.169
NA
CVE-2024-29858
In MISP prior to 2.4.187, __uploadLogo in app/Controller/OrganisationsController.php does not properly check for a valid logo upload.
NA
CVE-2024-29859
In MISP prior to 2.4.187, add_misp_export in app/Controller/EventsController.php does not properly check for a valid file upload.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10