Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
misp-project vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2015-5719
app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) prior to 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors.
Misp-project Malware Information Sharing Platform
7.5
CVSSv2
CVE-2015-5721
Malware Information Sharing Platform (MISP) prior to 2.3.90 allows remote malicious users to conduct PHP object injection attacks via crafted serialized data, related to TemplatesController.php and populate_event_from_template_attributes.ctp.
Misp-project Malware Information Sharing Platform
NA
CVE-2023-37307
In MISP prior to 2.4.172, title_for_layout is not properly sanitized in Correlations, CorrelationExclusions, and Layouts.
Misp-project Malware Information Sharing Platform
NA
CVE-2023-37306
MISP 2.4.172 mishandles different certificate file extensions in server sync. An attacker can obtain sensitive information because of the nature of the error messages.
Misp-project Malware Information Sharing Platform 2.4.172
NA
CVE-2023-28884
In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index.
Misp-project Malware Information Sharing Platform 2.4.169
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3