Vulmon
rack vulnerabilities and exploits
8.6
CVSSv3
CVE-2020-8161
A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker to perform directory traversal in the Rack::Directory app that is bundled with Rack, which could result in information disclosure.
Rack Project Rack
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
4.4
CVSSv3
CVE-2019-1880
A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack Servers could allow an authenticated, local malicious user to install compromised BIOS firmware on an affected device. The vulnerability is due to insufficient validation of the firm...
Cisco Unified Computing System Server Firmware
5.3
CVSSv3
CVE-2016-4442
The rack-mini-profiler gem prior to 0.10.1 for Ruby allows remote malicious users to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks.
Miniprofiler Rack-mini-profiler
5.3
CVSSv3
CVE-2019-18978
An issue exists in the rack-cors (aka Rack CORS Middleware) gem prior to 1.0.4 for Ruby. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format.
Rack-cors Project Rack-cors
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
8
CVSSv3
CVE-2021-22825
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could allow a malicious user to access the system with elevated privileges when a privileged account clicks on a malicious URL that compromises the security token. Affected Products: ...
Schneider-electric Rack Power Distribution Unit With Network Management Card 2 Firmware
Schneider-electric Rack Power Distribution Unit With Network Management Card 3 Firmware
NA
CVE-2009-1797
Multiple cross-site request forgery (CSRF) vulnerabilities on the Network Management Card (NMC) on American Power Conversion (APC) Switched Rack PDU (aka Rack Mount Power Distribution) devices and other devices allow remote malicious users to hijack the authentication of (1) admi...
Apc Network Management Card
Apc Switched Rack Pdu
NA
CVE-2009-1798
Multiple cross-site scripting (XSS) vulnerabilities on the Network Management Card (NMC) on American Power Conversion (APC) Switched Rack PDU (aka Rack Mount Power Distribution) devices and other devices allow remote malicious users to inject arbitrary web script or HTML via unsp...
Apc Network Management Card
Apc Switched Rack Pdu
1 EDB exploit
NA
CVE-2007-6226
The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote malicious users to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then...
Apc Switched Rack Pdu Firmware 3.5.5
Apc Oas 3.5.6
7.5
CVSSv3
CVE-2017-6633
A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers 3.0(0.234) could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rate-limiting protection....
Cisco Unified Computing System 3.0(0.234)
6.1
CVSSv3
CVE-2023-20228
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient va...
Cisco Encs 5100 Firmware
Cisco Encs 5400 Firmware
Cisco Ucs C220 M5 Rack Server Firmware
Cisco Ucs E160s M3 Firmware
Cisco Ucs E180d M3 Firmware
Cisco Ucs-e1120d-m3 Firmware