Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:misp-project:malware_information_sharing_platform:2.4.172:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-48659 |
An issue was discovered in MISP before 2.4.176. app/Controller/AppController.php mishandles parameter parsing. Published: November 17, 2023; 12:15:12 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-48658 |
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php lacks a checkParam function for alphanumerics, underscore, dash, period, and space. Published: November 17, 2023; 12:15:12 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-48657 |
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters. Published: November 17, 2023; 12:15:12 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-48656 |
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses. Published: November 17, 2023; 12:15:12 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-48655 |
An issue was discovered in MISP before 2.4.176. app/Controller/Component/IndexFilterComponent.php does not properly filter out query parameters. Published: November 17, 2023; 12:15:12 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-37306 |
MISP 2.4.172 mishandles different certificate file extensions in server sync. An attacker can obtain sensitive information because of the nature of the error messages. Published: June 30, 2023; 1:15:09 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |