← Back

Haystacksoftware

haystacksoftware

3 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Arq
arq
2 CVEs
Arq Backup
arq_backup
1 CVE

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-36617
1Haystacksoftware
1Arq Backup
Nov 21, 2024
Sep 9, 2022
N/A· v4
4.9 MEDIUM· v3
N/A· v2
Arq Backup 7.19.5.0 and below stores backup encryption passwords using reversible encryption. This issue allows attackers with administrative privileges to recover cleartext passwords.
CVE-2017-16945
1Haystacksoftware
1Arq
Nov 21, 2024
Jan 31, 2018
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
The standardrestorer binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted restore path.
CVE-2017-16928
1Haystacksoftware
1Arq
Nov 21, 2024
Jan 31, 2018
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
The arq_updater binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted update URL, as demonstrated by file:///tmp/blah/Arq.zip.