Skip to main content
CVE-2014-3804 CRITICAL POC THREAT Emergency

The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) update_system_info_debian_package, (2) ossec_task, (3). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 79.3%.

RCE Code Injection Open Source Security Information Management
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
79.3%
Threat
5.9
CVE-2014-3805 CRITICAL POC THREAT Emergency

The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute arbitrary commands via a crafted (1) get_license, (2) get_log_line, or (3). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 36.5%.

RCE Code Injection Open Source Security Information Management
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
36.5%
Threat
4.6
CVE-2013-3663 CRITICAL POC THREAT Emergency

Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 8 Maintenance 3, allows remote attackers to execute arbitrary code via a crafted RLE8 compressed. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 15.9%.

RCE Google Buffer Overflow Sketchup
NVD
CVSS 2.0
9.3
EPSS
15.9%
CVE-2013-4099 CRITICAL POC Act Now

Multiple unspecified vulnerabilities in OpenAL32.dll in JOAL 2.0-rc11, as used in JOGAMP, allow context-dependent attackers to execute arbitrary code via a crafted parameter to the (1). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Joal Jogamp
NVD
CVSS 2.0
10.0
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy