Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apc vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2023-6407
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause arbitrary file deletion upon service restart when accessed by a local and low-privileged attacker.
Schneider-electric Easy Ups Online Monitoring Software
NA
CVE-2008-1488
Stack-based buffer overflow in apc.c in Alternative PHP Cache (APC) 3.0.11 up to and including 3.0.16 allows remote malicious users to execute arbitrary code via a long filename.
Pecl-php Alternative Php Cache 3.0.12p2
Pecl-php Alternative Php Cache 3.0.13
Pecl-php Alternative Php Cache 3.0.11
Pecl-php Alternative Php Cache 3.0.16
Pecl-php Alternative Php Cache 3.0.14
Pecl-php Alternative Php Cache 3.0.15
Pecl-php Alternative Php Cache 3.0.12
Pecl-php Alternative Php Cache 3.0.12p1
1 EDB exploit
9.8
CVSSv3
CVE-2018-7820
A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2 AOS v6.5.6, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled, and then disabled.
Schneider-electric Ap9630 Firmware
Schneider-electric Smart-ups Srt 5kva Firmware
Schneider-electric Ap9631 Firmware
Schneider-electric Ap9635 Firmware
NA
CVE-2005-1974
Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products and platforms including (1) HP-UX and (2) APC PowerChute, allows applications to assign permissions to themselves and gain privil...
Sun J2se 1.4.2 05
Sun J2se 1.4.2 06
Sun J2se 1.4.2
Sun J2se 1.4.2 03
Sun J2se 1.4.2 04
Sun J2se 1.4.2 07
Sun J2se 5.0
Sun J2se 1.4.2 01
Sun J2se 1.4.2 02
Sun J2se 5.0 Update1
9.8
CVSSv3
CVE-2019-11936
Various APC functions accept keys containing null bytes as input, leading to premature truncation of input. This issue affects HHVM versions before 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.2...
Facebook Hhvm
Facebook Hhvm 4.24.0
Facebook Hhvm 4.25.0
Facebook Hhvm 4.26.0
Facebook Hhvm 4.27.0
Facebook Hhvm 4.28.0
Facebook Hhvm 4.28.1
NA
CVE-2024-4999
A vulnerability in the web-based management interface of multiple Ligowave devices could allow an authenticated remote malicious user to execute arbitrary commands with elevated privileges.This issue affects UNITY: up to and including 6.95-2; PRO: up to and including 6.95-1.Rt388...
7.5
CVSSv3
CVE-2020-1899
The unserialize() function supported a type code, "S", which was meant to be supported only for APC serialization. This type code allowed arbitrary memory addresses to be accessed as if they were static StringData objects. This issue affected HHVM prior to v4.32.3, betw...
Facebook Hhvm
Facebook Hhvm 4.57.0
Facebook Hhvm 4.58.0
Facebook Hhvm 4.58.1
Facebook Hhvm 4.59.0
Facebook Hhvm 4.60.0
Facebook Hhvm 4.61.0
Facebook Hhvm 4.62.0
5.3
CVSSv3
CVE-2021-22815
A CWE-200: Information Exposure vulnerability exists which could cause the troubleshooting archive to be accessed. Affected Products: 1-Phase Uninterruptible Power Supply (UPS) using NMC2 including Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 2 (NMC2): AP9630...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware
6.1
CVSSv3
CVE-2021-22812
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC. Affected Products: 1-Ph...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware
6.1
CVSSv3
CVE-2021-22813
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC pointing to an edit poli...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »