Product
alienvault open source security information management
24 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2013-6056
CVE-2018-7279
CVE-2015-4046
CVE-2015-4045
CVE-2014-5383
CVE-2014-5210
CVE-2014-5159
CVE-2014-5158
CVE-2014-4153
CVE-2014-4152
CVE-2014-4151
CVE-2014-3805
CVE-2014-3804
CVE-2013-5967
CVE-2013-5321
CVE-2013-5300
CVE-2012-3835
CVE-2012-3834
CVE-2009-4375
CVE-2009-4374
CVE-2009-4373
CVE-2009-4372
CVE-2008-0920
CVE-2008-0919
< 4.3.3.1
OSSIM before 4.3.3.1 has tele_compress.php path traversal vulnerability
< 5.5.1
A remote code execution issue was discovered in AlienVault USM and OSSIM before 5.5.1.
<= 5.0
The asset discovery scanner in AlienVault OSSIM before 5.0.1 allows remote authenticated users to execute arbitrary commands via t
<= 5.0
The sudoers file in the asset discovery scanner in AlienVault OSSIM before 5.0.1 allows local users to gain privileges via a craft
<= 4.6.1
SQL injection vulnerability in AlienVault OSSIM before 4.7.0 allows remote authenticated users to execute arbitrary SQL commands v
<= 4.6.1
The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (
<= 4.5
SQL injection vulnerability in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows remote attackers to execute arb
<= 4.5
The (1) av-centerd SOAP service and (2) backup command in the ossim-framework service in AlienVault OSSIM before 4.6.0 allows remo
<= 4.7.0
The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to read arbitrary files via a crafted get_fil
<= 4.7.0
The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to execute arbitrary code via a crafted remot
<= 4.7.0
The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to create arbitrary files and execute arbitra
<= 4.6.1
The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (
<= 4.6.1
The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (
<= 4.3
Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.3 and earlier allow rem
all versions
Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.1 allow remote attacker
<= 4.2.3
Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) before 4.3.0
all versions
Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 3.1 allow re
all versions
SQL injection vulnerability in forensics/base_qry_main.php in AlienVault Open Source Security Information Management (OSSIM) 3.1 a
all versions
SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSS
<= 2.1.5
Directory traversal vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Managemen
all versions
Unrestricted file upload vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Mana
all versions
AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions before 2.1.5-4, allows remote at
<= 0.9.9
SQL injection vulnerability in port/modifyportform.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 allows rem
all versions
Cross-site scripting (XSS) vulnerability in session/login.php in Open Source Security Information Management (OSSIM) 0.9.9 rc5 and