Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
misp misp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-48656
An issue exists in MISP prior to 2.4.176. app/Model/AppModel.php mishandles order clauses.
Misp-project Malware Information Sharing Platform
NA
CVE-2023-48657
An issue exists in MISP prior to 2.4.176. app/Model/AppModel.php mishandles filters.
Misp-project Malware Information Sharing Platform
NA
CVE-2023-48658
An issue exists in MISP prior to 2.4.176. app/Model/AppModel.php lacks a checkParam function for alphanumerics, underscore, dash, period, and space.
Misp-project Malware Information Sharing Platform
NA
CVE-2023-48659
An issue exists in MISP prior to 2.4.176. app/Controller/AppController.php mishandles parameter parsing.
Misp-project Malware Information Sharing Platform
NA
CVE-2023-28606
js/event-graph.js in MISP prior to 2.4.169 allows XSS via event-graph node tooltips.
Misp-project Malware Information Sharing Platform
NA
CVE-2023-28607
js/event-graph.js in MISP prior to 2.4.169 allows XSS via the event-graph relationship tooltip.
Misp-project Malware Information Sharing Platform
NA
CVE-2022-42724
app/Controller/UsersController.php in MISP prior to 2.4.164 allows malicious users to discover role names (this is information that only the site admin should have).
Misp-project Malware Information Sharing Platform
NA
CVE-2022-47928
In MISP prior to 2.4.167, there is XSS in the template file uploads in app/View/Templates/upload_file.ctp.
Misp-project Malware Information Sharing Platform
890
VMScore
CVE-2015-5719
app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) prior to 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors.
Misp-project Malware Information Sharing Platform
668
VMScore
CVE-2015-5721
Malware Information Sharing Platform (MISP) prior to 2.3.90 allows remote malicious users to conduct PHP object injection attacks via crafted serialized data, related to TemplatesController.php and populate_event_from_template_attributes.ctp.
Misp-project Malware Information Sharing Platform
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »