Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apc vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-6407
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause arbitrary file deletion upon service restart when accessed by a local and low-privileged attacker.
Schneider-electric Easy Ups Online Monitoring Software
685
VMScore
CVE-2008-1488
Stack-based buffer overflow in apc.c in Alternative PHP Cache (APC) 3.0.11 up to and including 3.0.16 allows remote malicious users to execute arbitrary code via a long filename.
Pecl-php Alternative Php Cache 3.0.12p2
Pecl-php Alternative Php Cache 3.0.13
Pecl-php Alternative Php Cache 3.0.11
Pecl-php Alternative Php Cache 3.0.16
Pecl-php Alternative Php Cache 3.0.14
Pecl-php Alternative Php Cache 3.0.15
Pecl-php Alternative Php Cache 3.0.12
Pecl-php Alternative Php Cache 3.0.12p1
1 EDB exploit
445
VMScore
CVE-2018-7820
A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2 AOS v6.5.6, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled, and then disabled.
Schneider-electric Ap9630 Firmware
Schneider-electric Smart-ups Srt 5kva Firmware
Schneider-electric Ap9631 Firmware
Schneider-electric Ap9635 Firmware
454
VMScore
CVE-2005-1974
Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products and platforms including (1) HP-UX and (2) APC PowerChute, allows applications to assign permissions to themselves and gain privil...
Sun J2se 1.4.2 05
Sun J2se 1.4.2 06
Sun J2se 1.4.2
Sun J2se 1.4.2 03
Sun J2se 1.4.2 04
Sun J2se 1.4.2 07
Sun J2se 5.0
Sun J2se 1.4.2 01
Sun J2se 1.4.2 02
Sun J2se 5.0 Update1
668
VMScore
CVE-2019-11936
Various APC functions accept keys containing null bytes as input, leading to premature truncation of input. This issue affects HHVM versions before 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.2...
Facebook Hhvm
Facebook Hhvm 4.24.0
Facebook Hhvm 4.25.0
Facebook Hhvm 4.26.0
Facebook Hhvm 4.27.0
Facebook Hhvm 4.28.0
Facebook Hhvm 4.28.1
445
VMScore
CVE-2020-1899
The unserialize() function supported a type code, "S", which was meant to be supported only for APC serialization. This type code allowed arbitrary memory addresses to be accessed as if they were static StringData objects. This issue affected HHVM prior to v4.32.3, betw...
Facebook Hhvm
Facebook Hhvm 4.57.0
Facebook Hhvm 4.58.0
Facebook Hhvm 4.58.1
Facebook Hhvm 4.59.0
Facebook Hhvm 4.60.0
Facebook Hhvm 4.61.0
Facebook Hhvm 4.62.0
445
VMScore
CVE-2021-22815
A CWE-200: Information Exposure vulnerability exists which could cause the troubleshooting archive to be accessed. Affected Products: 1-Phase Uninterruptible Power Supply (UPS) using NMC2 including Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 2 (NMC2): AP9630...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware
383
VMScore
CVE-2021-22811
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause script execution when the request of a privileged account accessing the vulnerable web page is intercepted. Affected Products: 1-Phase Un...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware
383
VMScore
CVE-2021-22812
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC. Affected Products: 1-Ph...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware
383
VMScore
CVE-2021-22813
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC pointing to an edit poli...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »