Lucene search
+L

812 matches found

Nuclei
Nuclei
added 11 hours ago25 views

Arcserve UDP <= 9.0.6034 - Authentication Bypass

Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at WebServiceImpl/services/FlashServiceImpl leaks the AuthUUID token. This token can be used at /WebServiceImpl/services/VirtualStandbyServiceImpl to obtain a valid session. This session can be used to execute a...

9.8CVSS8.5AI score0.37715EPSS
Exploits2References2
Nuclei
Nuclei
added 11 hours ago14 views

Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll

A denial of service vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in ASNative.dll. id: CVE-2024-0801 info: name: Arcserve Unified Data Protection - Unauthenticated DoS in ASNative.dll author: daffainfo severity: high description: | A denial of service vulnerability exists i...

7.5CVSS7.5AI score0.41843EPSS
Exploits1References2
Nuclei
Nuclei
added 11 hours ago32 views

Arcserve Unified Data Protection - Authentication Bypass

An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in the edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin function within wizardLogin. id: CVE-2024-0799 info: name: Arcserve Unified Data Protection -...

9.8CVSS8.6AI score0.04342EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.12 views

CVE-2026-40118

UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product to a dummy URL, the product may unintentionally communicate with the dummy domain, causing...

6.3CVSS6.5AI score0.00178EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/04/16 8:29 a.m.8 views

Arcserve UDP Console vulnerable to redirect to a dummy URL

Overview UDP Console provided by Arcserve contains the following vulnerability. Incorrectly specified destination in a communication channel CWE-941 - CVE-2026-40118 Shingo Ando reported this vulnerability to IPA, IPA reported it to Arcserve, and JPCERT/CC coordinated with Arcserve to publish the...

6.3CVSS6.6AI score0.00178EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/16 6:31 a.m.7 views

EUVD-2026-23192

UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product to a dummy URL, the product may unintentionally communicate with the dummy domain, causing...

6.3CVSS5.8AI score0.00178EPSS
Exploits0References3
NVD
NVD
added 2026/04/16 5:16 a.m.6 views

CVE-2026-40118

UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product to a dummy URL, the product may unintentionally communicate with the dummy domain, causing...

6.3CVSS0.00178EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/16 4:19 a.m.4 views

CVE-2026-40118

UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product to a dummy URL, the product may unintentionally communicate with the dummy domain, causing...

6.3CVSS6.6AI score0.00178EPSS
Exploits0References2
CVE
CVE
added 2026/04/16 4:19 a.m.17 views

CVE-2026-40118

CVE-2026-40118 involves Arcserve’s UDP Console. The issue is an incorrectly specified destination in a communication channel: if a user configures the activation server hostname to a dummy URL, the product may contact that dummy domain, potentially causing information disclosure. The provided doc...

6.3CVSS6.6AI score0.00178EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/16 4:19 a.m.5 views

CVE-2026-40118

UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product to a dummy URL, the product may unintentionally communicate with the dummy domain, causing...

6.3CVSS5.8AI score0.00178EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/04/16 4:19 a.m.28 views

CVE-2026-40118

UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product to a dummy URL, the product may unintentionally communicate with the dummy domain, causing...

6.3CVSS0.00178EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.8 views

PT-2026-33258

UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname of the affected product to a dummy URL, the product may unintentionally communicate with the dummy domain, causing...

6.3CVSS5.8AI score0.00178EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/16 12:0 a.m.11 views

Arcserve UDP Console 安全漏洞

Arcserve UDP Console is a data protection management console developed by the American company Arcserve. There are security vulnerabilities in Arcserve UDP Console. These vulnerabilities stem from incorrect target designation in the communication channel, which may lead to unexpected communicatio...

6.3CVSS6.6AI score0.00178EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:10 p.m.9 views

CVE-2018-18657

An issue was discovered in Arcserve Unified Data Protection UDP through 6.5 Update 4. There is a DDI-VRT-2018-18 Unauthenticated Sensitive Information Disclosure via /gateway/services/EdgeServiceImpl issue...

7.5CVSS6.9AI score0.01337EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/10/28 12:0 a.m.3 views

Arcserve UDP < 5.0 Update 4 Directory Traversal

The Arcserve Unified Data Protection UDP application running on the remote host is affected by a directory traversal vulnerability. An unauthenticated, remote attacker can exploit this, via a crafted file path to the 1 reportFileServlet or 2 exportServlet servlet, to obtain sensitive information ...

9.4CVSS5.6AI score0.63643EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-2949

Malware in sbrugna...

7.5CVSS6.1AI score0.04053EPSS
Exploits4References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-4381

Malware in sbrugna...

5CVSS6.4AI score0.03382EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-3960

Malware in sbrugna...

7.5CVSS6.4AI score0.0532EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-4379

Malware in sbrugna...

5CVSS6.2AI score0.08232EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2001-0941

Malware in sbrugna...

6.4CVSS6.4AI score0.02973EPSS
Exploits0References6
Rows per page
Query Builder