Alienvault Open Source Security Information Management — known CVE vulnerabilities
Every CVE whose affected-product data names Alienvault Open Source Security Information Management, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2014-3804 — CVSS 10.0 (critical): The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1)…
CVE-2014-5210 — CVSS 10.0 (critical): The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1)…
CVE-2014-5158 — CVSS 10.0 (critical): The (1) av-centerd SOAP service and (2) backup command in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows remote…
CVE-2014-4152 — CVSS 10.0 (critical): The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to execute arbitrary code via a crafted remote_task…
CVE-2014-4151 — CVSS 10.0 (critical): The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to create arbitrary files and execute arbitrary code…
CVE-2014-3805 — CVSS 10.0 (critical): The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1)…
CVE-2014-4153 — CVSS 7.8 (high): The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to read arbitrary files via a crafted get_file request.
CVE-2013-5967 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.3 and earlier allow remote…
CVE-2009-4372 — CVSS 7.5 (high): AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote attackers…
CVE-2009-4375 — CVSS 7.5 (high): SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM)…
CVE-2009-4374 — CVSS 7.5 (high): Directory traversal vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM)…
CVE-2014-5159 — CVSS 7.5 (high): SQL injection vulnerability in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows remote attackers to execute arbitrary…
CVE-2009-4373 — CVSS 7.5 (high): Unrestricted file upload vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management…
CVE-2013-5321 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.1 allow remote attackers to…
CVE-2015-4046 — CVSS 7.2 (high): The asset discovery scanner in AlienVault OSSIM before 5.0.1 allows remote authenticated users to execute arbitrary commands via the assets…
CVE-2015-4045 — CVSS 6.7 (medium): The sudoers file in the asset discovery scanner in AlienVault OSSIM before 5.0.1 allows local users to gain privileges via a crafted nmap…
CVE-2012-3834 — CVSS 6.5 (medium): SQL injection vulnerability in forensics/base_qry_main.php in AlienVault Open Source Security Information Management (OSSIM) 3.1 allows…
CVE-2014-5383 — CVSS 6.5 (medium): SQL injection vulnerability in AlienVault OSSIM before 4.7.0 allows remote authenticated users to execute arbitrary SQL commands via…
CVE-2012-3835 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 3.1 allow remote…
CVE-2013-5300 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) before 4.3.0 allow…