Lucene search
K

9 matches found

NVD
NVD
added 2026/06/12 9:16 p.m.10 views

CVE-2026-54397

A vulnerability in MISP’s non-REST event editing path allowed an authenticated user with event edit permissions to manipulate the submitted form data and set an event’s sharinggroupid to a sharing group they were not authorized to use. When distribution was set to sharing group distribution, the...

6.1CVSS0.00226EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 8:55 p.m.6 views

CVE-2026-54397 MISP event editing allows unauthorized assignment to undisclosed sharing groups

A vulnerability in MISP’s non-REST event editing path allowed an authenticated user with event edit permissions to manipulate the submitted form data and set an event’s sharinggroupid to a sharing group they were not authorized to use. When distribution was set to sharing group distribution, the...

6.1CVSS5.2AI score0.00226EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.14 views

PT-2026-48999

Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description An issue in the non-REST event editing path allows an authenticated user with event edit permissions to manipulate submitted form data. By tampering with the event edit request, a user can set t...

6.1CVSS5.2AI score0.00226EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-20556

Malware in sbrugna...

5.5CVSS4.8AI score0.00765EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-41435

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.00863EPSS
Exploits1References1
OSV
OSV
added 2021/09/13 6:15 p.m.2 views

CVE-2021-24510

The MF Gig Calendar WordPress plugin before 1.2 does not sanitise and escape the id GET parameter before outputting back in the admin dashboard when editing an Event, leading to a reflected Cross-Site Scripting issue...

6.1CVSS6.4AI score0.0231EPSS
Exploits1References1
Prion
Prion
added 2021/09/13 6:15 p.m.11 views

Cross site scripting

The MF Gig Calendar WordPress plugin before 1.2 does not sanitise and escape the id GET parameter before outputting back in the admin dashboard when editing an Event, leading to a reflected Cross-Site Scripting issue...

4.3CVSS6AI score0.0231EPSS
Exploits1References1Affected Software1
Fedora
Fedora
added 2021/03/20 12:21 a.m.47 views

[SECURITY] Fedora 34 Update: gnome-calendar-40~rc-1.fc34

Calendar is a simple and beautiful calendar application designed to fit GNOME 3. Features: Week, month and year views Basic editing of events Evolution Data Server integration Search support...

5.5CVSS2.4AI score0.00639EPSS
Exploits1
OSV
OSV
added 2018/06/11 9:29 p.m.8 views

CVE-2018-5096

A use-after-free vulnerability can occur while editing events in form elements on a page, resulting in a potentially exploitable crash. This vulnerability affects Firefox ESR 52.6 and Thunderbird 52.6...

9.8CVSS9.2AI score
Exploits0References10
Rows per page
Query Builder