CVE-2014-4151
published 2014-06-18CVE-2014-4151: The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to create arbitrary files and execute arbitrary code via a crafted…
PriorityP356critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
7.32%
93.6th percentile
The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to create arbitrary files and execute arbitrary code via a crafted set_file request.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| alienvault | open_source_security_information_management | <= 4.7.0 | — |
| alienvault | open_source_security_information_management | — | — |
| alienvault | open_source_security_information_management | — | — |
| alienvault | open_source_security_information_management | — | — |
| alienvault | open_source_security_information_management | — | — |
| alienvault | open_source_security_information_management | — | — |
| alienvault | open_source_security_information_management | — | — |
| qemu | qemu | >= 0 < 2.0.0+dfsg-2ubuntu1.3 | 2.0.0+dfsg-2ubuntu1.3 |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-p888-ppq3-6f8c: The av-centerd SOAP service in AlienVault OSSIM before 4
ghsa_unreviewed·2022-05-17
CVE-2014-4151 [HIGH] CWE-94 GHSA-p888-ppq3-6f8c: The av-centerd SOAP service in AlienVault OSSIM before 4
The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to create arbitrary files and execute arbitrary code via a crafted set_file request.
OSV
qemu, qemu-kvm vulnerabilities
osv·2014-09-08·CVSS 7.5
CVE-2013-4148 qemu, qemu-kvm vulnerabilities
qemu, qemu-kvm vulnerabilities
Michael S. Tsirkin, Anthony Liguori, and Michael Roth discovered multiple
issues with QEMU state loading after migration. An attacker able to modify
the state data could use these issues to cause a denial of service, or
possibly execute arbitrary code. (CVE-2013-4148, CVE-2013-4149,
CVE-2013-4150, CVE-2013-4151, CVE-2013-4526, CVE-2013-4527, CVE-2013-4529,
CVE-2013-4530, CVE-2013-4531, CVE-2013-4532, CVE-2013-4533, CVE-2013-4534,
CVE-2013-4535, CVE-2013-4536, CVE-2013-4537, CVE-2013-4538, CVE-2013-4539,
CVE-2013-4540, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182,
CVE-2014-3461)
Kevin Wolf, Stefan Hajnoczi, Fam Zheng, Jeff Cody, Stefan Hajnoczi, and
others discovered multiple issues in the QEMU block drivers. An attacker
able to modify disk ima
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2014-06-18
Published