Arcinfo Pcvue
16 CVEs affecting Arcinfo Pcvue. Latest disclosed: 2026-02-26. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-1698 | | 2026-02-26 | A HTTP Host header attack vulnerability affects WebClient and the WebScheduler web apps of PcVue in version 15.0.0 through 16.3.3 included, allowing a remote a… | |
CVE-2026-1697 | | 2026-02-26 | The Secure and SameSite attribute are missing in the GraphicalData web services and WebClient web app of PcVue in version 12.0.0 through 16.3.3 included. | |
CVE-2026-1696 | | 2026-02-26 | Some HTTP security headers are not properly set by the web server when sending responses to the client application. | |
CVE-2026-1695 | | 2026-02-26 | An XSS vulnerability affects the OAuth web services used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 i… | |
CVE-2026-1694 | | 2026-02-26 | HTTP headers are added by the default configuration of IIS and ASP.net, and are not removed at the deployment phase of the webservices used by the WebVue, WebS… | |
CVE-2026-1693 | | 2026-02-26 | The OAuth grant type Resource Owner Password Credentials (ROPC) flow is still used by the werbservices used by the WebVue, WebScheduler, TouchVue and Snapvue f… | |
CVE-2026-1692 | | 2026-02-26 | A missing origin validation in WebSockets vulnerability affects the GraphicalData web services used by the WebVue, WebScheduler, TouchVue and SnapVue features… | |
CVE-2025-9999 | | 2025-09-05 | Some payload elements of the messages sent between two stations in a networking architecture are not properly checked on the receiving station allowing an atta… | |
CVE-2025-9998 | | 2025-09-05 | The sequence of packets received by a Networking server are not correctly checked. An attacker could exploit this vulnerability to send specially crafted mess… | |
CVE-2025-4384 | | 2025-05-06 | The MQTT add-on of PcVue fails to verify that a remote device’s certificate has not already expired or has not yet become valid. This allows malicious devices… | |
CVE-2024-12057 | | 2024-12-09 | User credentials (login & password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with t… | |
CVE-2024-12056 | | 2024-12-04 | The Client secret is not checked when using the OAuth Password grant type. By exploiting this vulnerability, an attacker could connect to a web server using a… | |
CVE-2011-4045 | | 2012-04-03 | Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to… | |
CVE-2011-4044 | | 2012-04-03 | An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to modify files via ca… | |
CVE-2011-4043 | | 2012-04-03 | Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to… | |
CVE-2011-4042 | | 2012-04-03 | An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary c… |