Tripwire CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2013-5005	1 Tripwire	1 Tripwire Enterprise	2025-04-11	N/A
Multiple cross-site scripting (XSS) vulnerabilities in ajaxRequest/methodCall.do in Tripwire Enterprise 8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) m_target_class_name, (2) m_target_method_name, or (3) m_request_context_params parameters.
CVE-2008-0578	1 Tripwire	1 Tripwire Enterprise	2025-04-09	N/A
Cross-site scripting (XSS) vulnerability in the web management login page in Tripwire Enterprise 7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-1999-0464	1 Tripwire	1 Tripwire	2025-04-03	N/A
Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames.
CVE-2004-0536	2 Redhat, Tripwire	2 Enterprise Linux, Tripwire	2025-04-03	N/A
Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source 2.3.1 and earlier, allows local users to gain privileges via format string specifiers in a file name, which is used in the generation of an email report.
CVE-2001-0774	1 Tripwire	1 Tripwire	2025-04-03	N/A
Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite arbitrary files and possible gain privileges via a symbolic link attack on temporary files.

Page 1 of 1.