Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alienvault vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4375
SQL injection vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions prior to 2.1.5-4, allows remote malicious users to execute arbitrary SQL commands via the id_document parameter...
Alienvault Open Source Security Information Management 2.1.5-2
Alienvault Open Source Security Information Management 2.1.5-1
Alienvault Open Source Security Information Management 2.1.5-3
Alienvault Open Source Security Information Management 2.1.5
1 EDB exploit
NA
CVE-2009-4373
Unrestricted file upload vulnerability in repository/repository_attachment.php in AlienVault Open Source Security Information Management (OSSIM) 2.1.5, and possibly other versions prior to 2.1.5-4, allows remote malicious users to execute arbitrary code by uploading a file with a...
Alienvault Open Source Security Information Management 2.1.5-1
Alienvault Open Source Security Information Management 2.1.5-2
Alienvault Open Source Security Information Management 2.1.5
Alienvault Open Source Security Information Management 2.1.5-3
9.8
CVSSv3
CVE-2016-8582
A vulnerability exists in gauge.php of AlienVault OSSIM and USM prior to 5.3.2 that allows an malicious user to execute an arbitrary SQL query and retrieve database information or read local system files via MySQL's LOAD_FILE.
Alienvault Unified Security Management
Alienvault Open Source Security Information And Event Management
1 EDB exploit
9.8
CVSSv3
CVE-2016-8580
PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM prior to 5.3.2. These vulnerabilities allow arbitrary PHP code execution via magic methods in included classes.
Alienvault Unified Security Management
Alienvault Open Source Security Information And Event Management
2 EDB exploits
6.1
CVSSv3
CVE-2016-8581
A persistent XSS vulnerability exists in the User-Agent header of the login process of AlienVault OSSIM and USM prior to 5.3.2 that allows an malicious user to steal session IDs of logged in users when the current sessions are viewed by an administrator.
Alienvault Unified Security Management
Alienvault Open Source Security Information And Event Management
1 EDB exploit
6.1
CVSSv3
CVE-2016-8583
Multiple GET parameters in the vulnerability scan scheduler of AlienVault OSSIM and USM prior to 5.3.2 are vulnerable to reflected XSS.
Alienvault Open Source Security Information And Event Management
Alienvault Unified Security Management
5.4
CVSSv3
CVE-2016-6913
Cross-site scripting (XSS) vulnerability in AlienVault OSSIM prior to 5.3 and USM prior to 5.3 allows remote malicious users to inject arbitrary web script or HTML via the back parameter to ossim/conf/reload.php.
Alienvault Open Source Security Information And Event Management
Alienvault Unified Security Management
NA
CVE-2015-3446
The Framework Daemon in AlienVault Unified Security Management prior to 4.15 allows remote malicious users to execute arbitrary Python code via a crafted plugin configuration file (.cfg).
Alienvault Unified Security Management
7.5
CVSSv3
CVE-2020-22650
A memory leak vulnerability in sim-organizer.c of AlienVault Ossim v5 causes a denial of service (DOS) via a system crash triggered by the occurrence of a large number of alarm events.
Att Alienvault Ossim 5.0
5.7
CVSSv3
CVE-2017-14956
AlienVault USM v5.4.2 and previous versions offers authenticated users the functionality of exporting generated reports via the "/ossim/report/wizard_email.php" script. Besides offering an export via a local download, the script also offers the possibility to send out a...
Alienvault Unified Security Management
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »