Export limit exceeded: 334689 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 334689 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (4 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2022-38119 1 Upspowercom 1 Upsmon Pro 2025-05-01 9.8 Critical
UPSMON Pro login function has insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and get administrator privilege to access, control system or disrupt service.
CVE-2022-38120 1 Upspowercom 1 Upsmon Pro 2025-05-01 6.5 Medium
UPSMON PRO’s has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to bypass authentication and access arbitrary system files.
CVE-2022-38121 1 Upspowercom 1 Upsmon Pro 2025-05-01 6.5 Medium
UPSMON PRO configuration file stores user password in plaintext under public user directory. A remote attacker with general user privilege can access all users‘ and administrators' account names and passwords via this unprotected configuration file.
CVE-2022-38122 1 Upspowercom 1 Upsmon Pro 2025-05-01 7.5 High
UPSMON PRO transmits sensitive data in cleartext over HTTP protocol. An unauthenticated remote attacker can exploit this vulnerability to access sensitive data.