GCVE - cpe:2.3:a:alienvault:open_source_security_information

Approved changes feed: RSS · Atom

cpe:2.3:a:alienvault:open_source_security_information_management:4.6:*:*:*:*:*:*:*

part: a version: 4.6 update: *

Vendor	Alienvault (`d51cdd55-2f5a-537b-8b4f-3f5508c62127`)
Product	Open Source Security Information Management (`c424aed5-7bae-51d4-809e-50370ba8bb95`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/alienfault/ossim`	purl2cpe	2026-06-01 10:12:38.921785
`pkg:sourceforge/os-sim`	purl2cpe	2026-06-01 10:12:38.921786

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2014-5383`	vulnerable	2026-06-08 05:05:47.763386	Details available SQL injection vulnerability in AlienVault OSSIM before 4.7.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Published: 2014-08-21T14:00:00.000Z Updated: 2024-08-06T11:41:49.070Z Open on db.gcve.eu Reference links http://forums.alienvault.com/discussion/2690 http://www.securityfocus.com/bid/67312	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-5210`	vulnerable	2026-06-08 05:05:47.177467	Details available The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) remote_task or (2) get_license request, a different vulnerability than CVE-2014-3804 and CVE-2014-3805. Published: 2014-08-21T14:00:00.000Z Updated: 2024-08-06T11:41:47.687Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/69239 http://www.zerodayinitiative.com/advisories/ZDI-14-294/ http://forums.alienvault.com/discussion/2690 http://www.zerodayinitiative.com/advisories/ZDI-14-295/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-4153`	vulnerable	2026-06-08 05:05:44.294519	Details available The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to read arbitrary files via a crafted get_file request. Published: 2014-06-18T19:00:00.000Z Updated: 2024-08-06T11:04:28.684Z Open on db.gcve.eu Reference links http://forums.alienvault.com/discussion/2806 http://www.zerodayinitiative.com/advisories/ZDI-14-207/ http://secunia.com/advisories/59112	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-4152`	vulnerable	2026-06-08 05:05:44.294085	Details available The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to execute arbitrary code via a crafted remote_task request, related to injecting an ssh public key. Published: 2014-06-18T19:00:00.000Z Updated: 2024-08-06T11:04:28.559Z Open on db.gcve.eu Reference links http://forums.alienvault.com/discussion/2806 http://www.zerodayinitiative.com/advisories/ZDI-14-206/ http://secunia.com/advisories/59112	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-4151`	vulnerable	2026-06-08 05:05:44.292115	Details available The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to create arbitrary files and execute arbitrary code via a crafted set_file request. Published: 2014-06-18T19:00:00.000Z Updated: 2024-08-06T11:04:28.604Z Open on db.gcve.eu Reference links http://forums.alienvault.com/discussion/2806 http://www.zerodayinitiative.com/advisories/ZDI-14-205/ http://secunia.com/advisories/59112	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-3805`	vulnerable	2026-06-08 05:05:42.831362	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2014-3804`	vulnerable	2026-06-08 05:05:42.830562	db.gcve.eu details were skipped to keep the page responsive. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Alienvault Open Source Security Information Management (OSSIM) 4.6

PURL mappings

Vulnerability references

Contribute