CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

NVD•added 2022/01/28 8:15 p.m.•12 views

CVE-2021-22815

A CWE-200: Information Exposure vulnerability exists which could cause the troubleshooting archive to be accessed. Affected Products: 1-Phase Uninterruptible Power Supply UPS using NMC2 including Smart-UPS, Symmetra, and Galaxy 3500 with Network Management Card 2 NMC2: AP9630/AP9630CH/AP9630J,...

5.3CVSS0.00768EPSS

Exploits0References1

NVD•added 2022/01/28 8:15 p.m.•12 views

CVE-2021-22814

A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists which could cause arbritrary script execution when a malicious file is read and displayed. Affected Products: 1-Phase Uninterruptible Power Supply UPS using NMC2 including Smart-UPS,...

6.1CVSS0.00745EPSS

Exploits0References1

NVD•added 2022/01/28 8:15 p.m.•15 views

CVE-2021-22812

A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC. Affected Products: 1-Phase Uninterruptible Power...

6.1CVSS0.00745EPSS

Exploits0References1

Prion•added 2022/01/28 8:15 p.m.•20 views

Cross site scripting

4.3CVSS6.2AI score0.00745EPSS

Exploits0References1Affected Software2

Prion•added 2022/01/28 8:15 p.m.•23 views

Cross site scripting

4.3CVSS6.2AI score0.00745EPSS

Exploits0References1Affected Software2

CVE•added 2022/01/28 7:9 p.m.•60 views

CVE-2021-22815

The CVE-2021-22815 entry covers an Information Exposure vulnerability in Schneider Electric NMC/NMC2/NMC3 embedded devices and related APC equipment. Affected products include 1-phase and 3-phase UPS with NMC2/NMC3 (AP9630/9631/9635 on NMC2; AP9640/9641/9643 on NMC3), NMC2/NMC3-based PDUs, XRDP/X...

5.3CVSS5.2AI score0.00768EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/01/28 7:9 p.m.•16 views

CVE-2021-22813

A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause arbritrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC pointing to an edit policy file. Affected Products:...

6.4AI score0.00745EPSS

Exploits0References1

Cvelist•added 2022/01/28 7:9 p.m.•15 views

CVE-2021-22811

A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause script execution when the request of a privileged account accessing the vulnerable web page is intercepted. Affected Products: 1-Phase Uninterruptible Power Supply UP...

6.5AI score0.00745EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by