Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
misp misp vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-48658
An issue exists in MISP prior to 2.4.176. app/Model/AppModel.php lacks a checkParam function for alphanumerics, underscore, dash, period, and space.
Misp-project Malware Information Sharing Platform
9.8
CVSSv3
CVE-2023-48659
An issue exists in MISP prior to 2.4.176. app/Controller/AppController.php mishandles parameter parsing.
Misp-project Malware Information Sharing Platform
6.1
CVSSv3
CVE-2023-24070
app/View/AuthKeys/authkey_display.ctp in MISP up to and including 2.4.167 has an XSS in authkey add via a Referer field.
Misp-project Malware Information Sharing Platform
6.1
CVSSv3
CVE-2022-47928
In MISP prior to 2.4.167, there is XSS in the template file uploads in app/View/Templates/upload_file.ctp.
Misp-project Malware Information Sharing Platform
9.8
CVSSv3
CVE-2023-48657
An issue exists in MISP prior to 2.4.176. app/Model/AppModel.php mishandles filters.
Misp-project Malware Information Sharing Platform
5.4
CVSSv3
CVE-2023-37307
In MISP prior to 2.4.172, title_for_layout is not properly sanitized in Correlations, CorrelationExclusions, and Layouts.
Misp-project Malware Information Sharing Platform
6.1
CVSSv3
CVE-2023-28607
js/event-graph.js in MISP prior to 2.4.169 allows XSS via the event-graph relationship tooltip.
Misp-project Malware Information Sharing Platform
6.1
CVSSv3
CVE-2023-28606
js/event-graph.js in MISP prior to 2.4.169 allows XSS via event-graph node tooltips.
Misp-project Malware Information Sharing Platform
4.3
CVSSv3
CVE-2022-42724
app/Controller/UsersController.php in MISP prior to 2.4.164 allows malicious users to discover role names (this is information that only the site admin should have).
Misp-project Malware Information Sharing Platform
9.8
CVSSv3
CVE-2015-5719
app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) prior to 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors.
Misp-project Malware Information Sharing Platform
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »