Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alienvault open source security information management vulnerabilities and exploits
(subscribe to this query)
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed an other room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
7.5
CVSSv3
CVE-2013-6056
OSSIM prior to 4.3.3.1 has tele_compress.php path traversal vulnerability
Alienvault Open Source Security Information Management
9.8
CVSSv3
CVE-2018-7279
A remote code execution issue exists in AlienVault USM and OSSIM prior to 5.5.1.
Alienvault Unified Security Management
Alienvault Open Source Security Information Management
6.7
CVSSv3
CVE-2015-4045
The sudoers file in the asset discovery scanner in AlienVault OSSIM prior to 5.0.1 allows local users to gain privileges via a crafted nmap script.
Alienvault Open Source Security Information Management
7.2
CVSSv3
CVE-2015-4046
The asset discovery scanner in AlienVault OSSIM prior to 5.0.1 allows remote authenticated users to execute arbitrary commands via the assets array parameter to netscan/do_scan.php.
Alienvault Open Source Security Information Management
9.8
CVSSv3
CVE-2016-8580
PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM prior to 5.3.2. These vulnerabilities allow arbitrary PHP code execution via magic methods in included classes.
Alienvault Unified Security Management
Alienvault Open Source Security Information And Event Management
2 EDB exploits
6.1
CVSSv3
CVE-2016-8581
A persistent XSS vulnerability exists in the User-Agent header of the login process of AlienVault OSSIM and USM prior to 5.3.2 that allows an malicious user to steal session IDs of logged in users when the current sessions are viewed by an administrator.
Alienvault Unified Security Management
Alienvault Open Source Security Information And Event Management
1 EDB exploit
9.8
CVSSv3
CVE-2016-8582
A vulnerability exists in gauge.php of AlienVault OSSIM and USM prior to 5.3.2 that allows an malicious user to execute an arbitrary SQL query and retrieve database information or read local system files via MySQL's LOAD_FILE.
Alienvault Unified Security Management
Alienvault Open Source Security Information And Event Management
1 EDB exploit
6.1
CVSSv3
CVE-2016-8583
Multiple GET parameters in the vulnerability scan scheduler of AlienVault OSSIM and USM prior to 5.3.2 are vulnerable to reflected XSS.
Alienvault Open Source Security Information And Event Management
Alienvault Unified Security Management
5.4
CVSSv3
CVE-2016-6913
Cross-site scripting (XSS) vulnerability in AlienVault OSSIM prior to 5.3 and USM prior to 5.3 allows remote malicious users to inject arbitrary web script or HTML via the back parameter to ossim/conf/reload.php.
Alienvault Open Source Security Information And Event Management
Alienvault Unified Security Management
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »