Filter
-Infinity
0
Trending
MISPapp/Model/Attribute.php in MISP before 2.4.198 ignores an ACL during a GUI attribute search.
4.3
First published (updated )
MISPapp/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles ordered_url_para…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MISPIn MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in …
9.8
First published (updated )
MISPIn MISP 2.4.102, an authenticated user can view sightings that they should not be eligible for. Expl…
5.3
First published (updated )
MISPAn issue was discovered in MISP before 2.4.184. A client does not need to use POST to start an expor…
9.8
EPSS
0.09%
First published (updated )
MISPapp/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org admin …
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MISPIn MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access to…
9.8
First published (updated )
MISPIn MISP before 2.4.187, __uploadLogo in app/Controller/OrganisationsController.php does not properly…
9.8
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MISPWhen MISP before 2.4.80 is configured with X.509 certificate authentication (CertAuth) in conjunctio…
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MISPAn issue was discovered in app/Controller/UsersController.php in MISP 2.4.92. An adversary can bypas…
9.8
First published (updated )
MISPAn issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API in…
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MISPIn app/Controller/TagsController.php in MISP 2.4.118, users can bypass intended restrictions on tagg…
5.3
First published (updated )
MISPMISP before 2.4.115 allows privilege escalation in certain situations. After updating to 2.4.115, es…
6.5
First published (updated )
MISPapp/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator becaus…
7.2
First published (updated )
MISPAn issue was discovered in MISP 2.4.108. Organization admins could reset credentials for site admins…
6.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.