Page 2 of 8 results (0.007 seconds)

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1

CData RSB Connect v22.0.8336 was discovered to contain a Server-Side Request Forgery (SSRF). • https://arc.cdata.com https://arc.cdata.com/trial https://gist.github.com/d3vc0r3/6460a5f006e32a2ebffe739e411ab1b8 https://www.cdata.com/kb/entries/netembeddedserver-notice.rst • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

arc 5.21j and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different type of vulnerability than CVE-2005-2945. • http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0535.html http://marc.info/?l=bugtraq&m=112689596714383&w=2 http://secunia.com/advisories/16805 http://secunia.com/advisories/17068 http://securityreason.com/securityalert/11 http://www.debian.org/security/2005/dsa-843 •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

arc 5.21j and earlier create temporary files with world-readable permissions, which allows local users to read sensitive information from files created by (1) arc (arc.c) or (2) marc (marc.c). • http://marc.info/?l=bugtraq&m=112689596714383&w=2 http://secunia.com/advisories/16805 http://secunia.com/advisories/17068 http://www.debian.org/security/2005/dsa-843 http://www.zataz.net/adviso/arc-09052005.txt •