Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rack vulnerabilities and exploits
(subscribe to this query)
8.6
CVSSv3
CVE-2020-8161
A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure.
Rack Project Rack
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
4.4
CVSSv3
CVE-2019-1880
A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack Servers could allow an authenticated, local malicious user to install compromised BIOS firmware on an affected device. The vulnerability is due to insufficient validation of the firm...
Cisco Unified Computing System Server Firmware
5.3
CVSSv3
CVE-2016-4442
The rack-mini-profiler gem prior to 0.10.1 for Ruby allows remote malicious users to obtain sensitive information about allocated strings and objects by leveraging incorrect ordering of security checks.
Miniprofiler Rack-mini-profiler
5.3
CVSSv3
CVE-2019-18978
An issue exists in the rack-cors (aka Rack CORS Middleware) gem prior to 1.0.4 for Ruby. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format.
Rack-cors Project Rack-cors
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
NA
CVE-2007-6226
The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote malicious users to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then...
Apc Oas 3.5.6
Apc Switched Rack Pdu Firmware 3.5.5
7.5
CVSSv3
CVE-2017-6633
A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers 3.0(0.234) could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rate-limiting protection....
Cisco Unified Computing System 3.0\\(0.234\\)
6.4
CVSSv3
CVE-2018-3615
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.
Intel Core I3 6006u
Intel Core I3 6098p
Intel Core I3 6102e
Intel Core I3 6157u
Intel Core I5 661
Intel Core I5 670
Intel Core I5 6300u
Intel Core I5 6350hq
Intel Core I5 6442eq
Intel Core I5 6500
Intel Core I5 6500t
Intel Core I7 610e
Intel Core I7 620le
Intel Core I7 640um
Intel Core I7 660lm
Intel Core I3 6100h
Intel Core I3 6100t
Intel Core I3 6320
Intel Core I5 650
Intel Core I3 6100te
Intel Core I3 6100u
Intel Core I5 655k
2 Articles
NA
CVE-2024-27456
rack-cors (aka Rack CORS Middleware) 2.0.1 has 0666 permissions for the .rb files.
NA
CVE-2020-26063
A vulnerability in the API endpoints of Cisco Integrated Management Controller could allow an authenticated, remote attacker to bypass authorization and take actions on a vulnerable system without authorization. The vulnerability is due to improper authorization checks on API end...
9.8
CVSSv3
CVE-2020-3470
Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote malicious user to execute arbitrary code with root privileges. The vulnerabilities are due to improper boundary checks for certain user-supplied in...
Cisco Enterprise Nfv Infrastructure Software
Cisco Integrated Management Controller
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »