Lucene search
K

258 matches found

Malwarebytes
Malwarebytes
added 2023/02/08 4:0 a.m.19 views

Stalkerware-type app developers fined by NY Attorney General

Stalkerware is a huge problem when it comes to intrusion into peoples personal lives. "Friends", strangers, family members, abusive spouses and many more can potentially dabble in this malignant pastime and cause all manner of trouble for their target. Thanks to the New York Attorney Generals...

6.6AI score
Exploits0
OSV
OSV
added 2023/02/01 4:15 a.m.3 views

CVE-2022-42970

A CWE-306: Missing Authentication for Critical Function The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows...

9.8CVSS5.8AI score0.00712EPSS
Exploits0References1
NVD
NVD
added 2023/02/01 4:15 a.m.35 views

CVE-2022-42971

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could cause remote code execution when the attacker uploads a malicious JSP file. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to...

9.8CVSS9.7AI score0.01071EPSS
Exploits0References1
OSV
OSV
added 2023/02/01 4:15 a.m.5 views

CVE-2022-42971

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists that could cause remote code execution when the attacker uploads a malicious JSP file. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to...

9.8CVSS6.3AI score0.01071EPSS
Exploits0References1
Prion
Prion
added 2023/02/01 4:15 a.m.18 views

Hardcoded credentials

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA, APC...

4.3CVSS7.8AI score0.00163EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2023/02/01 12:0 a.m.82 views

CVE-2022-42970

Schneider Electric APC Easy UPS Online Monitoring Software (Schneider Electric/APC Easy UPS Online Monitoring Software) versions prior to V2.5-GA (Windows 7/10/11 and Windows Server 2016/2019/2022) and prior to V2.5-GA-01-22261 (Windows 11/Server 2019/2022) are affected by CVE-2022-42970 due to m...

9.8CVSS9.5AI score0.00712EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/02/01 12:0 a.m.49 views

CVE-2022-42971

The CVE-2022-42971 issue is a real, concrete vulnerability in Schneider Electric APC Easy UPS Online Monitoring Software (and related Schneider Electric variants) where UpLoadAction.execute allows Unrestricted Upload of File with Dangerous Type. An unauthenticated attacker can upload a malicious ...

9.8CVSS9.6AI score0.01071EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/02/01 12:0 a.m.57 views

CVE-2022-42972

Schneider Electric APC Easy UPS Online Monitoring Software and Schneider Electric Easy UPS Online Monitoring Software (Safe to say the affected products are APC Easy UPS Online Monitoring Software and Schneider Electric Easy UPS Online Monitoring Software) are impacted by CVE-2022-42972, which is...

7.8CVSS7.6AI score0.00177EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/02/01 12:0 a.m.52 views

CVE-2022-42973

Schneider Electric APC Easy UPS Online Monitoring Software (and APC Easy UPS Online Monitoring Software) versions prior to V2.5-GA, V2.5-GA-01-22261, V2.5-GS, or GS-01-22261 are affected by CVE-2022-42973 (CWE-798): use of hard-coded credentials in the database, enabling local privilege escalatio...

7.8CVSS7.7AI score0.00163EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/02/01 12:0 a.m.6 views

Schneider Electric Easy UPS Online Monitoring Software 安全漏洞

Schneider Electric Easy UPS Online Monitoring Software is a power monitoring software from Schneider Electric, a French company. A security vulnerability exists in Schneider Electric Easy UPS Online Monitoring Software, which stems from a Critical Resource Privilege Assignment Incorrect...

7.8CVSS7.3AI score0.00177EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/01 12:0 a.m.36 views

CVE-2022-42972

A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could cause local privilege escalation when a local attacker modifies the webroot directory. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 -...

7.8CVSS7.9AI score0.00177EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/01 12:0 a.m.25 views

CVE-2022-42973

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege escalation when local attacker connects to the database. Affected Products: APC Easy UPS Online Monitoring Software Windows 7, 10, 11 & Windows Server 2016, 2019, 2022 - Versions prior to V2.5-GA, APC...

7.8CVSS8AI score0.00163EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2023/01/26 4:27 a.m.5 views

U.S. Federal Agencies Fall Victim to Cyber Attack Utilizing Legitimate RMM Software

At least two federal agencies in the U.S. fell victim to a "widespread cyber campaign" that involved the use of legitimate remote monitoring and management RMM software to perpetuate a phishing scam. "Specifically, cyber criminal actors sent phishing emails that led to the download of legitimate...

6.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/01/13 12:0 a.m.82 views

Schneider Electric APC Easy UPS Online Monitoring Software Detection

Binary data schneiderelectricupsmonitoringsoftwaredetect.nbin...

7.3AI score
Exploits0References1
CNNVD
CNNVD
added 2022/12/20 12:0 a.m.5 views

Fuji Electric Tellus Lite V-Simulator 安全漏洞

Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments developed by FujiElectric Japan, which is mainly used to collect real-time data from PLCs Programmable Logic Controllers, temperature controllers, inverters, and other devices. Fuji Electric Tellus...

7.8CVSS7.8AI score0.00245EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/12/14 12:0 a.m.7 views

The vulnerability of the APC Easy UPS Online Monitoring Software lies in the lack of authentication for a critical function, allowing attackers to gain access to the software.

The vulnerability of the APC Easy UPS Online Monitoring Software relates to the absence of authentication for a critical function. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the software...

10CVSS7.8AI score0.00712EPSS
Exploits0References4Affected Software2
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.6 views

PT-2022-5907 · Schneider Electric · Apc Easy Ups Online Monitoring +1

Name of the Vulnerable Software and Affected Versions: APC Easy UPS Online Monitoring Software versions prior to V2.5-GA APC Easy UPS Online Monitoring Software versions prior to V2.5-GA-01-22261 Schneider Electric Easy UPS Online Monitoring Software versions prior to V2.5-GS Schneider Electric...

10CVSS9.6AI score0.01071EPSS
Exploits0References7
CNVD
CNVD
added 2022/10/24 12:0 a.m.24 views

Advantech R-SeeNet Stack Buffer Overflow Vulnerability

Advantech R-SeeNet is an industrial monitoring software from Advantech China. The software is based on the snmp protocol for monitoring platforms and is available for Linux and Windows platforms.Advantech R-SeeNet 2.4.17 and previous versions are vulnerable to a stack buffer overflow vulnerabilit...

9.8CVSS4.8AI score0.01202EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/10/24 12:0 a.m.8 views

The vulnerability of the monitoring software for the status and functions of Advantech R-SeeNet routers lies in buffer overflow in the stack, allowing a hacker to execute arbitrary code.

The vulnerability of the monitoring software for the functions and states of Advantech R-SeeNet routers is related to buffer overflow in the stack. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS8.7AI score0.01202EPSS
Exploits0References3Affected Software1
Schneier on Security
Schneier on Security
added 2022/08/31 2:33 p.m.26 views

High-School Graduation Prank Hack

This is a fun story, detailing the hack a group of high school students perpetrated against an Illinois school district, hacking 500 screens across a bunch of schools. During the process, the group broke into the school’s IT systems; repurposed software used to monitor students’ computers;...

10CVSS9.5AI score0.01611EPSS
Exploits1
Rows per page
Query Builder