Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apc vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2003-0099
Multiple buffer overflows in apcupsd prior to 3.8.6, and 3.10.x prior to 3.10.5, may allow malicious users to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function.
Apc Apcupsd 3.8.5
215
VMScore
CVE-2001-0040
APC UPS daemon, apcupsd, saves its process ID in a world-writable file, which allows local users to kill an arbitrary process by specifying the target process ID in the apcupsd.pid file.
Apc Apcupsd 3.7.2
1 EDB exploit
445
VMScore
CVE-2002-1924
PowerChute plus 5.0.2 creates a "Pwrchute" directory during installation that is shared and world writeable, which could allow remote malicious users to modify or create files in that directory.
Apc Powerchute 5.0.2
445
VMScore
CVE-2005-4326
The web interface for American Power Conversion (APC) PowerChute Network Shutdown performs all communication in cleartext (base64-encoded), which allows remote malicious users to sniff authentication credentials.
Apc Powerchute Network Shutdown
641
VMScore
CVE-2017-7884
In Adam Kropelin adk0212 APC UPS Daemon up to and including 3.14.14, the default installation of APCUPSD allows a local authenticated, but unprivileged, user to run arbitrary code with elevated privileges by replacing the service executable apcupsd.exe with a malicious executable...
Apcupsd Apc Ups Daemon
668
VMScore
CVE-2020-7521
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and previous versions) when accessing a vulnerable method of `FileUploadServlet` which may lead to uploading executable...
Schneider-electric Apc Easy Ups Online Software
668
VMScore
CVE-2020-7522
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and previous versions) when accessing a vulnerable method of `SoundUploadServlet` which may lead to uploading executabl...
Schneider-electric Apc Easy Ups Online Software
645
VMScore
CVE-2006-2686
PHP remote file inclusion vulnerabilities in ActionApps 2.8.1 allow remote malicious users to execute arbitrary PHP code via a URL in the GLOBALS[AA_INC_PATH] parameter in (1) cached.php3, (2) cron.php3, (3) discussion.php3, (4) filldisc.php3, (5) filler.php3, (6) fillform.php3, ...
Actionapps Actionapps 2.8.1
1 EDB exploit
668
VMScore
CVE-2022-22805
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS...
Schneider-electric Smt Series 1015 Ups Firmware
Schneider-electric Smc Series 1018 Ups Firmware
Schneider-electric Smtl Series 1026 Ups Firmware
Schneider-electric Scl Series 1029 Ups Firmware
Schneider-electric Scl Series 1030 Ups Firmware
Schneider-electric Scl Series 1036 Ups Firmware
Schneider-electric Scl Series 1037 Ups Firmware
Schneider-electric Smx Series 1031 Ups Firmware
1 Article
668
VMScore
CVE-2022-22806
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Serie...
Schneider-electric Smt Series 1015 Ups Firmware
Schneider-electric Smc Series 1018 Ups Firmware
Schneider-electric Smtl Series 1026 Ups Firmware
Schneider-electric Scl Series 1029 Ups Firmware
Schneider-electric Scl Series 1030 Ups Firmware
Schneider-electric Scl Series 1036 Ups Firmware
Schneider-electric Scl Series 1037 Ups Firmware
Schneider-electric Smx Series 1031 Ups Firmware
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »