Apcupsd
by Apcupsd
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-0040 | 0.03 | — | 0.01 | Feb 16, 2001 | APC UPS daemon, apcupsd, saves its process ID in a world-writable file, which allows local users to kill an arbitrary process by specifying the target process ID in the apcupsd.pid file. | |||
| CVE-2019-12585 | 0.00 | — | 0.05 | Jun 3, 2019 | Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsd_status.php. | |||
| CVE-2019-12584 | 0.00 | — | 0.03 | Jun 3, 2019 | Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php. | |||
| CVE-2003-0098 | 0.00 | — | 0.05 | Mar 3, 2003 | Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server. | |||
| CVE-2003-0099 | 0.00 | — | 0.01 | Mar 3, 2003 | Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function. |
- CVE-2001-0040Feb 16, 2001risk 0.03cvss —epss 0.01
APC UPS daemon, apcupsd, saves its process ID in a world-writable file, which allows local users to kill an arbitrary process by specifying the target process ID in the apcupsd.pid file.
- CVE-2019-12585Jun 3, 2019risk 0.00cvss —epss 0.05
Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsd_status.php.
- CVE-2019-12584Jun 3, 2019risk 0.00cvss —epss 0.03
Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php.
- CVE-2003-0098Mar 3, 2003risk 0.00cvss —epss 0.05
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.
- CVE-2003-0099Mar 3, 2003risk 0.00cvss —epss 0.01
Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function.