Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apc vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2001-0040
APC UPS daemon, apcupsd, saves its process ID in a world-writable file, which allows local users to kill an arbitrary process by specifying the target process ID in the apcupsd.pid file.
Apc Apcupsd 3.7.2
1 EDB exploit
7.2
CVSSv2
CVE-2003-0099
Multiple buffer overflows in apcupsd prior to 3.8.6, and 3.10.x prior to 3.10.5, may allow malicious users to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function.
Apc Apcupsd 3.8.5
5
CVSSv2
CVE-2002-1924
PowerChute plus 5.0.2 creates a "Pwrchute" directory during installation that is shared and world writeable, which could allow remote malicious users to modify or create files in that directory.
Apc Powerchute 5.0.2
5
CVSSv2
CVE-2005-4326
The web interface for American Power Conversion (APC) PowerChute Network Shutdown performs all communication in cleartext (base64-encoded), which allows remote malicious users to sniff authentication credentials.
Apc Powerchute Network Shutdown
7.2
CVSSv2
CVE-2017-7884
In Adam Kropelin adk0212 APC UPS Daemon up to and including 3.14.14, the default installation of APCUPSD allows a local authenticated, but unprivileged, user to run arbitrary code with elevated privileges by replacing the service executable apcupsd.exe with a malicious executable...
Apcupsd Apc Ups Daemon
7.5
CVSSv2
CVE-2020-7522
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and previous versions) when accessing a vulnerable method of `SoundUploadServlet` which may lead to uploading executabl...
Schneider-electric Apc Easy Ups Online Software
7.5
CVSSv2
CVE-2020-7521
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and previous versions) when accessing a vulnerable method of `FileUploadServlet` which may lead to uploading executable...
Schneider-electric Apc Easy Ups Online Software
6.4
CVSSv2
CVE-2006-2686
PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[AA_INC_PATH] parameter in (1) cached.php3, (2) cron.php3, (3) discussion.php3, (4) filldisc.php3, (5) filler.php3, (6) fillform.php3, ...
Actionapps Actionapps 2.8.1
1 EDB exploit
7.5
CVSSv2
CVE-2022-22805
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS...
Schneider-electric Smt Series 1015 Ups Firmware
Schneider-electric Smc Series 1018 Ups Firmware
Schneider-electric Smtl Series 1026 Ups Firmware
Schneider-electric Scl Series 1029 Ups Firmware
Schneider-electric Scl Series 1030 Ups Firmware
Schneider-electric Scl Series 1036 Ups Firmware
Schneider-electric Scl Series 1037 Ups Firmware
Schneider-electric Smx Series 1031 Ups Firmware
1 Article
6.4
CVSSv2
CVE-2022-0715
A CWE-287: Improper Authentication vulnerability exists that could cause an malicious user to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-UPS Family: SMT Series (SMT Series ID=18: UPS 09.8 and ...
Schneider-electric Smt Series 1015 Ups Firmware
Schneider-electric Smc Series 1018 Ups Firmware
Schneider-electric Smtl Series 1026 Ups Firmware
Schneider-electric Scl Series 1029 Ups Firmware
Schneider-electric Scl Series 1030 Ups Firmware
Schneider-electric Scl Series 1036 Ups Firmware
Schneider-electric Scl Series 1037 Ups Firmware
Schneider-electric Smx Series 1031 Ups Firmware
Schneider-electric Smt Series 18 Ups Firmware
Schneider-electric Smt Series 1040 Ups Firmware
Schneider-electric Smt Series 1031 Ups Firmware
Schneider-electric Smc Series 1005 Ups Firmware
Schneider-electric Smc Series 1007 Ups Firmware
Schneider-electric Smc Series 1041 Ups Firmware
Schneider-electric Smx Series 20 Ups Firmware
Schneider-electric Smx Series 23 Ups Firmware
Schneider-electric Srt Series 1010 Ups Firmware
Schneider-electric Srt Series 1019 Ups Firmware
Schneider-electric Srt Series 1025 Ups Firmware
Schneider-electric Srt Series 1020 Ups Firmware
Schneider-electric Srt Series 1021 Ups Firmware
Schneider-electric Srt Series 1001 Ups Firmware
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »