Software
Misp Mispapp/Controller/UserLoginProfilesController.php in MISP before 2.4.198 does not prevent an org admin …
Misp MispIn MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access to…
Misp MispAn issue was discovered in MISP before 2.4.184. A client does not need to use POST to start an expor…
Misp Mispapp/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Misp Mispapp/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles ordered_url_para…
Misp MispMISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model/Attribute…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Misp MispAn issue was discovered in MISP before 2.4.158. In UsersController.php, password confirmation can be…
Misp MispAn issue was discovered in MISP before 2.4.158. PHAR deserialization can occur.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Misp MispAn issue was discovered in MISP before 2.4.156. app/View/Users/terms.ctp allows Local File Inclusion…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Misp MispIn MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in …
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Misp Mispapp/View/Elements/genericElements/IndexTable/Fields/generic_field.ctp in MISP 2.4.144 does not sanit…
Misp MispIn app/Model/MispObject.php in MISP 2.4.141, an incorrect sharing group association could lead to in…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Misp MispAn issue was discovered in app/Model/SharingGroupServer.php in MISP 2.4.139. In the implementation o…
Misp MispThe default setting of MISP 2.4.136 did not enable the requirements (aka require_password_confirmati…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Misp MispMISP before 2.4.135 lacks an ACL check, related to app/Controller/GalaxyElementsController.php and a…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Misp MispAn issue was discovered in MISP before 2.4.132. It can perform an unwanted action because of a POST …
Misp MispAn issue was discovered in MISP 2.4.128. app/Controller/EventsController.php lacks an event ACL chec…
Misp MispAn issue was discovered in MISP 2.4.128. app/Controller/AttributesController.php has insufficient AC…
Misp Mispapp/Model/Attribute.php in MISP 2.4.127 lacks an ACL lookup on attribute correlations. This occurs w…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
MISP MISP-maltegoMISP MISP-maltego 1.4.4 incorrectly shares a MISP connection across users in a remote-transform use …
Misp Mispapp/Model/feed.php in MISP before 2.4.124 allows administrators to choose arbitrary files that shoul…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.