Heap-based buffer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via packets that trigger an invalid free...
8.4AI Score
0.004EPSS
The server in xArrow before 3.4.1 performs an invalid read operation, which allows remote attackers to execute arbitrary code via unspecified...
7.8AI Score
0.003EPSS
Integer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via a crafted packet that triggers an out-of-bounds read...
8AI Score
0.003EPSS
The server in xArrow before 3.4.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via unspecified...
6.8AI Score
0.002EPSS
xArrow SCADA versions 7.2 and prior is vulnerable to cross-site scripting due to parameter βedateβ of the resource xhisalarm.htm, which may allow an unauthorized attacker to execute arbitrary...
6.1CVSS
6.2AI Score
0.001EPSS
xArrow SCADA versions 7.2 and prior permits unvalidated registry keys to be run with application-level...
7.8CVSS
7.5AI Score
0.0004EPSS
xArrow SCADA versions 7.2 and prior is vulnerable to cross-site scripting due to parameter βbdateβ of the resource xhisvalue.htm, which may allow an unauthorized attacker to execute arbitrary...
6.1CVSS
6.2AI Score
0.001EPSS