13 matches found
EUVD-2019-0289
Malware in sbrugna...
MAL-2022-2973 Malicious code in fb-arcanist-rpc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 241f4cc35eca1933b2b61749223d5ea2764029590ce5497f109e9ade1bb63f29 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in fb-arcanist-rpc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 241f4cc35eca1933b2b61749223d5ea2764029590ce5497f109e9ade1bb63f29 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-G7W9-VM5M-48Q8 Downloads Resources over HTTP in arcanist
Affected versions of arcanist insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syste...
Downloads Resources over HTTP in arcanist
Affected versions of arcanist insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the syste...
arcanist Remote Code Execution Vulnerability
arcanist is a package for installing arcanist in phabricator. A security vulnerability exists in arcanist that originates when the program downloads an executable file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerability by intercepting the response and replacing t...
CVE-2016-10683
arcanist downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote...
CVE-2016-10683
arcanist downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote...
Remote code execution
arcanist downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote...
CVE-2016-10683
arcanist downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote...
CVE-2016-10683
CVE-2016-10683 involves arcanist downloading resources over HTTP, enabling MITM interception and potential remote code execution by substituting attacker-controlled content. The connected advisories (GHSA-G7W9-VM5M-48Q8, OSV, CNVD, etc.) reiterate that affected arcanist versions insecurely fetch ...
Man In The Middle (MitM)
arcanist is vulnerable to man-in-the-middle MitM attacks via downloading resources over HTTP. It may be possible to cause remote code execution RCE by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the...
Downloads Resources over HTTP
Overview Affected versions of arcanist insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on...