Alienvault Open_source_security_information_management
16 CVEs affecting Alienvault Open_source_security_information_management. Latest disclosed: 2017-05-23. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2015-4046 | High | 7.2 | 2017-05-23 | The asset discovery scanner in AlienVault OSSIM before 5.0.1 allows remote authenticated users to execute arbitrary commands via the assets array parameter to… |
CVE-2015-4045 | Medium | 6.7 | 2017-05-23 | The sudoers file in the asset discovery scanner in AlienVault OSSIM before 5.0.1 allows local users to gain privileges via a crafted nmap script. |
CVE-2014-5383 | | 2014-08-21 | SQL injection vulnerability in AlienVault OSSIM before 4.7.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |
CVE-2014-5210 | | 2014-08-21 | The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) remote_task or (2) get_lic… | |
CVE-2014-5159 | | 2014-08-21 | SQL injection vulnerability in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows remote attackers to execute arbitrary SQL commands via the w… | |
CVE-2014-5158 | | 2014-08-21 | The (1) av-centerd SOAP service and (2) backup command in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows remote attackers to execute arbit… | |
CVE-2014-4153 | | 2014-06-18 | The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to read arbitrary files via a crafted get_file request. | |
CVE-2014-4152 | | 2014-06-18 | The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to execute arbitrary code via a crafted remote_task request, related to in… | |
CVE-2014-4151 | | 2014-06-18 | The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to create arbitrary files and execute arbitrary code via a crafted set_fil… | |
CVE-2014-3805 | | 2014-06-13 | The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) get_license, (2) get_log_l… | |
CVE-2014-3804 | | 2014-06-13 | The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) update_system_info_debian_… | |
CVE-2013-5967 | | 2013-10-09 | Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.3 and earlier allow remote attackers to execute arbi… | |
CVE-2013-5321 | | 2013-08-20 | Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.1 allow remote attackers to execute arbitrary SQL co… | |
CVE-2013-5300 | | 2013-08-15 | Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) before 4.3.0 allow remote attackers to in… | |
CVE-2012-3835 | | 2012-07-03 | Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 3.1 allow remote attackers to inject arbi… | |
CVE-2012-3834 | | 2012-07-03 | SQL injection vulnerability in forensics/base_qry_main.php in AlienVault Open Source Security Information Management (OSSIM) 3.1 allows remote authenticated us… |