Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

33 matches found

Zero Day Initiative
Zero Day Initiativeadded 2025/11/27 12:0 a.m.2 views

Appleton UPSMON-PRO UPSMONProService Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Appleton UPSMON-PRO. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPSMONProService service, which listens on UDP port 2601 by default. The issue...

9.8CVSS7.6AI score0.02813EPSS
Exploits0References1
CISA
CISAadded 2025/11/20 12:0 p.m.3 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-324-01 Automated Logic WebCTRL Premium Server ICSA-25-324-02 ICAM365 CCTV Camera Multiple Models...

6.6AI score
Exploits0References6
ICS
ICSadded 2025/11/20 7:0 a.m.3 views

Emerson Appleton UPSMON-PRO

RISK EVALUATION Successful exploitation of this vulnerability could allow remote attackers to execute arbitrary code on affected installations of Appleton UPSMON-PRO. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this...

9.8CVSS7.9AI score0.02813EPSS
Exploits0References11
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-40721

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.02732EPSS
Exploits0References1
NVD
NVDadded 2022/11/10 3:15 p.m.9 views

CVE-2022-38121

UPSMON PRO configuration file stores user password in plaintext under public user directory. A remote attacker with general user privilege can access all users‘ and administrators' account names and passwords via this unprotected configuration file...

6.5CVSS0.44278EPSS
Exploits1References1
NVD
NVDadded 2022/11/10 3:15 p.m.8 views

CVE-2022-38122

UPSMON PRO transmits sensitive data in cleartext over HTTP protocol. An unauthenticated remote attacker can exploit this vulnerability to access sensitive data...

7.5CVSS0.00359EPSS
Exploits0References1
OSV
OSVadded 2022/11/10 3:15 p.m.0 views

CVE-2022-38122

UPSMON PRO transmits sensitive data in cleartext over HTTP protocol. An unauthenticated remote attacker can exploit this vulnerability to access sensitive data...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References1
OSV
OSVadded 2022/11/10 3:15 p.m.0 views

CVE-2022-38119

UPSMON Pro login function has insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and get administrator privilege to access, control system or disrupt service...

9.8CVSS5.8AI score
Exploits0References1
NVD
NVDadded 2022/11/10 3:15 p.m.10 views

CVE-2022-38120

UPSMON PRO’s has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to bypass authentication and access arbitrary system files...

6.5CVSS0.48227EPSS
Exploits1References1
NVD
NVDadded 2022/11/10 3:15 p.m.7 views

CVE-2022-38119

UPSMON Pro login function has insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and get administrator privilege to access, control system or disrupt service...

9.8CVSS0.02732EPSS
Exploits0References1
OSV
OSVadded 2022/11/10 3:15 p.m.1 views

CVE-2022-38120

UPSMON PRO’s has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to bypass authentication and access arbitrary system files...

6.5CVSS5.9AI score0.48227EPSS
Exploits1References1
Prion
Prionadded 2022/11/10 3:15 p.m.10 views

Design/Logic Flaw

UPSMON PRO transmits sensitive data in cleartext over HTTP protocol. An unauthenticated remote attacker can exploit this vulnerability to access sensitive data...

5CVSS7.5AI score0.00359EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2022/11/10 3:15 p.m.16 views

Path traversal

UPSMON PRO’s has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to bypass authentication and access arbitrary system files...

4CVSS6.8AI score0.48227EPSS
Exploits1References1Affected Software1
Prion
Prionadded 2022/11/10 3:15 p.m.15 views

Authentication flaw

UPSMON Pro login function has insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and get administrator privilege to access, control system or disrupt service...

7.5CVSS9.7AI score0.02732EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2022/11/10 2:20 a.m.33 views

CVE-2022-38122

The CVE-2022-38122 issue affects UPSMON PRO (Powercom) and is caused by transmitting sensitive data in cleartext over HTTP. The vulnerability can be exploited by an unauthenticated remote attacker to access sensitive information. Public references describe this risk and assign a high severity (CV...

7.5CVSS7.5AI score0.00359EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2022/11/10 2:20 a.m.7 views

CVE-2022-38122 POWERCOM CO., LTD. UPSMON PRO - Cleartext Transmission of Sensitive Information

UPSMON PRO transmits sensitive data in cleartext over HTTP protocol. An unauthenticated remote attacker can exploit this vulnerability to access sensitive data...

7.5CVSS7.5AI score0.00359EPSS
Exploits0References1
Cvelist
Cvelistadded 2022/11/10 2:20 a.m.9 views

CVE-2022-38122 POWERCOM CO., LTD. UPSMON PRO - Cleartext Transmission of Sensitive Information

UPSMON PRO transmits sensitive data in cleartext over HTTP protocol. An unauthenticated remote attacker can exploit this vulnerability to access sensitive data...

7.5CVSS7.7AI score0.00359EPSS
Exploits0References1
CVE
CVEadded 2022/11/10 2:20 a.m.72 views

CVE-2022-38121

CVE-2022-38121 affects POWERCOM UPSMON PRO. A vulnerability in the UPSMON PRO configuration file stores user passwords in plaintext under a public user directory, enabling a remote attacker with general user privileges to read credentials. The confirmed impact is exposure of usernames and passwor...

6.5CVSS6.6AI score0.44278EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/11/10 2:20 a.m.11 views

CVE-2022-38121 POWERCOM CO., LTD. UPSMON PRO - Insufficiently Protected Credentials

UPSMON PRO configuration file stores user password in plaintext under public user directory. A remote attacker with general user privilege can access all users‘ and administrators' account names and passwords via this unprotected configuration file...

6.5CVSS6.8AI score0.44278EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2022/11/10 2:20 a.m.8 views

CVE-2022-38121 POWERCOM CO., LTD. UPSMON PRO - Insufficiently Protected Credentials

UPSMON PRO configuration file stores user password in plaintext under public user directory. A remote attacker with general user privilege can access all users‘ and administrators' account names and passwords via this unprotected configuration file...

6.5CVSS6.6AI score0.44278EPSS
Exploits1References1
Rows per page
Query Builder