Lucene search
K

823 matches found

CVE
CVE
added 2020/10/12 1:54 p.m.47 views

CVE-2020-26867

CVE-2020-26867 concerns ARC Informatique PcVue deserialization of untrusted data, enabling remote arbitrary code execution on the web/mobile back-end server. Affected: PcVue versions prior to 12.0.17 (8.10–12.0.x). Root cause: insecure deserialization of messages on the interface. Impact: high-se...

9.8CVSS9.8AI score0.03566EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/10/12 1:54 p.m.41 views

CVE-2020-26867 ARC Informatique PcVue Deserialization of Untrusted Data

ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server...

9.8CVSS9.8AI score0.03566EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/10/12 1:52 p.m.39 views

CVE-2020-26869 ARC Informatique PcVue Exposure of Sensitive Information to an Unauthorized Actor

ARC Informatique PcVue prior to version 12.0.17 is vulnerable to information exposure, allowing unauthorized users to access session data of legitimate users. This issue also affects third-party systems based on the Web Services Toolkit...

7.5CVSS7.4AI score0.01634EPSS
Exploits0References4
CVE
CVE
added 2020/10/12 1:52 p.m.65 views

CVE-2020-26869

ARC Informatique PcVue Information Disclosure (CVE-2020-26869): PcVue versions 8.10 up to before 12.0.17 expose session data of legitimate users to unauthorized actors via Web Services Toolkit integration. ICSA-20-308-03 confirms the vulnerability and cites a CVSS v3 base score of 7.5 (Network, L...

7.5CVSS7.5AI score0.01634EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2020/10/12 1:50 p.m.44 views

CVE-2020-26868

The CVE-2020-26868 issue affects ARC Informatique PcVue versions prior to 12.0.17. It enables a denial-of-service by an unauthorized user who can modify data used to validate messages from legitimate web clients (also impacting systems based on the Web Services Toolkit). The ICS advisory confirms...

7.5CVSS7.5AI score0.02108EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/10/12 1:50 p.m.35 views

CVE-2020-26868 ARC Informatique PcVue Access to Critical Private Variable via Public Method

ARC Informatique PcVue prior to version 12.0.17 is vulnerable to a denial-of-service attack due to the ability of an unauthorized user to modify information used to validate messages sent by legitimate web clients. This issue also affects third-party systems based on the Web Services Toolkit...

7.5CVSS7.4AI score0.02108EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2020/10/12 12:0 a.m.4 views

PT-2020-4303 · Arc Informatique · Pcvue

Name of the Vulnerable Software and Affected Versions: ARC Informatique PcVue versions prior to 12.0.17 Description: The issue is related to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server. This is due to...

9.8CVSS9.5AI score0.03566EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2020/10/12 12:0 a.m.5 views

PT-2020-16522 · Arc Informatique · Pcvue +1

Name of the Vulnerable Software and Affected Versions: ARC Informatique PcVue versions prior to 12.0.17 Description: The issue allows an unauthorized user to modify information used to validate messages sent by legitimate web clients, leading to a denial-of-service attack. This problem also affec...

7.5CVSS7.4AI score0.02108EPSS
Exploits0References7
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.3 views

An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c related to _arc_max_angle_for_tolerance_normalized.

...

6.5CVSS6.1AI score0.02142EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/08/18 7:0 a.m.4 views

An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file cairo-arc.c.

...

6.5CVSS6.1AI score0.02117EPSS
Exploits1
OPENSUSE Linux
OPENSUSE Linux
added 2020/07/06 12:0 a.m.79 views

Security update for rust, rust-cbindgen (moderate)

openSUSE Security Update: Security update for rust, rust-cbindgen Announcement ID: openSUSE-SU-2020:0933-1 Rating: moderate References: 1115645 1154817 1173202 Cross-References: CVE-2020-1967 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has two fixes is now...

7.5CVSS6.6AI score0.53336EPSS
Exploits2References3
Cvelist
Cvelist
added 2020/05/11 10:26 p.m.30 views

CVE-2020-10027 ARC Platform Uses Signed Integer Comparison When Validating Syscall Numbers

An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions...

7.8CVSS7.8AI score0.00687EPSS
Exploits0References5
VMware
VMware
added 2020/05/08 12:0 a.m.159 views

vRealize Operations Application Remote Collector (ARC) addresses Authentication Bypass and Directory Traversal vulnerabilities (CVE-2020-11651, CVE-2020-11652)

3. vRealize Operations Application Remote Collector ARC addresses Authentication Bypass CVE-2020-11651 and Directory Traversal CVE-2020-11652 vulnerabilities. The Application Remote Collector ARC introduced with vRealize Operations 7.5 utilizes Salt which is affected by CVE-2020-11651 and...

7.5CVSS8.4AI score0.96405EPSS
Exploits25References8Affected Software1
Openbugbounty
Openbugbounty
added 2020/04/11 9:21 a.m.11 views

arc-gm.nihr.ac.uk Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1138671 Security Researcher g0bl1nsec Helped patch 3754 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting arc-gm.nihr.ac.uk website...

0.2AI score
Exploits0
vulnersOsv
vulnersOsv
added 2020/04/02 12:0 a.m.7 views

strong-arc (>=1.8.6 <=1.8.9), strong-mesh-client (>=1.3.5 <=2.0.2) +1 more potentially affected by CVE-2020-7621 via strong-nginx-controller (=1.0.2)

strong-nginx-controller NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on strong-nginx-controller and may be impacted: - strong-arc =1.8.6, =1.3.5, =6.0.1, =6.0.3 Source cves: CVE-2020-7621 Source advisory:...

9.8CVSS7.2AI score0.02941EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2020/03/31 8:23 a.m.39 views

CVE-2019-6462

An issue was discovered in cairo 1.16.0. There is an infinite loop in the function arcerrornormalized in the file cairo-arc.c, related to arcmaxanglefortolerancenormalized...

6.5CVSS2.2AI score0.02142EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/01/27 12:0 a.m.18 views

openSUSE Security Update : arc (openSUSE-2020-103)

This update for arc fixes the following issues : - CVE-2015-9275: Fixed a directory traversal vulnerability boo1121032. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2020-103. The text description of...

5.3CVSS5.6AI score0.02378EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2020/01/27 12:0 a.m.14 views

openSUSE: Security Advisory for arc (openSUSE-SU-2020:0103_1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.3CVSS5.3AI score0.02378EPSS
Exploits1References2
OSV
OSV
added 2020/01/25 1:14 p.m.2 views

OPENSUSE-SU-2020:0103-1 Security update for arc

This update for arc fixes the following issues: - CVE-2015-9275: Fixed a directory traversal vulnerability boo1121032...

5.3CVSS5.3AI score0.02378EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2020/01/25 12:0 a.m.130 views

Security update for arc (moderate)

openSUSE Security Update: Security update for arc Announcement ID: openSUSE-SU-2020:0103-1 Rating: moderate References: 1121032 Cross-References: CVE-2015-9275 Affected Products: openSUSE Leap 15.1 openSUSE Backports SLE-15-SP1 openSUSE Backports SLE-15 An update that fixes one vulnerability is n...

5.3CVSS6.1AI score0.02378EPSS
Exploits1References1
Rows per page
Query Builder