61 matches found
Arcserve Unified Data Protection - Authentication Bypass
An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in the edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin function within wizardLogin. id: CVE-2024-0799 info: name: Arcserve Unified Data Protection -...
CVE-2018-18657
An issue was discovered in Arcserve Unified Data Protection UDP through 6.5 Update 4. There is a DDI-VRT-2018-18 Unauthenticated Sensitive Information Disclosure via /gateway/services/EdgeServiceImpl issue...
EUVD-2018-10375
Malware in sbrugna...
EUVD-2018-10374
Malware in sbrugna...
EUVD-2018-10376
Malware in sbrugna...
EUVD-2018-10373
Malware in sbrugna...
EUVD-2025-26166
Malicious code in bioql PyPI...
EUVD-2024-16586
Malicious code in bioql PyPI...
EUVD-2024-16587
Malicious code in bioql PyPI...
CVE-2025-34523
A heap-based buffer overflow vulnerability exists in the network-facing input handling routines of Arcserve Unified Data Protection UDP. This flaw is reachable without authentication and results from improper bounds checking when processing attacker-controlled input. By sending specially crafted...
Vulnerabilities fixed in Arcserve Unified Data Protection
Arcserve has fixed vulnerabilities in Arcserve Unified Data Protection UDP for all versions prior to 10.2. The vulnerabilities include an authentication bypass that allows unauthenticated malicious parties to access protected functions, a reflected cross-site scripting XSS vulnerability that allo...
CVE-2025-34521
A reflected cross-site scripting XSS vulnerability exists in the web interface of the Arcserve Unified Data Protection UDP, where unsanitized user input is improperly reflected in HTTP responses. This flaw allows remote attackers with low privileges to craft malicious links that, when visited by...
CVE-2025-34520 Arcserve UDP < 10.2 Authentication Bypass
An authentication bypass vulnerability in Arcserve Unified Data Protection UDP allows unauthenticated attackers to gain unauthorized access to protected functionality or user accounts. By manipulating specific request parameters or exploiting a logic flaw, an attacker can bypass login mechanisms...
CVE-2025-34521
A reflected cross-site scripting XSS vulnerability exists in the web interface of the Arcserve Unified Data Protection UDP, where unsanitized user input is improperly reflected in HTTP responses. This flaw allows remote attackers with low privileges to craft malicious links that, when visited by...
Arcserve Unified Data Protection 安全漏洞
Arcserve Unified Data Protection is Arcserve's all-in-one data and ransomware protection solution. A security vulnerability exists in Arcserve Unified Data Protection versions prior to 10.2 that stems from reflective cross-site scripting and could lead to session hijacking...
Arcserve Unified Data Protection 安全漏洞
Arcserve Unified Data Protection is Arcserve's all-in-one data and ransomware protection solution. A security vulnerability exists in Arcserve Unified Data Protection versions prior to 10.2 that stems from a heap buffer overflow that could lead to remote code execution...
PT-2025-34946
Name of the Vulnerable Software and Affected Versions: Arcserve Unified Data Protection UDP versions prior to 10.2 Arcserve Unified Data Protection UDP versions 8.0 through 10.1 Arcserve Unified Data Protection UDP versions 7.x and earlier Description: An authentication bypass in Arcserve Unified...
CVE-2018-18660
An issue was discovered in Arcserve Unified Data Protection UDP through 6.5 Update 4. There is a DDI-VRT-2018-21 Reflected Cross-site Scripting via /authenticationendpoint/domain.jsp issue...
CVE-2018-18658
An issue was discovered in Arcserve Unified Data Protection UDP through 6.5 Update 4. There is a DDI-VRT-2018-20 Unauthenticated Sensitive Information Disclosure via /UDPUpdates/Config/FullUpdateSettings.xml issue...
CVE-2018-18659
An issue was discovered in Arcserve Unified Data Protection UDP through 6.5 Update 4. There is a DDI-VRT-2018-19 Unauthenticated XXE in /management/UdpHttpService issue...