Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rack vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv3
CVE-2023-20012
A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric Extender (FEX) when used in UCS Fabric Interconnect deployments could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability is due to the im...
Cisco Nexus 93180yc-fx3s Firmware -
Cisco Nexus 93180yc-fx3 Firmware -
Cisco Ucs Central Software
Cisco Ucs 6536 Firmware -
Cisco Ucs 64108 Firmware -
Cisco Ucs 6454 Firmware -
6.1
CVSSv3
CVE-2017-6604
A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote malicious user to redirect a user to a malicious web page. This vulnerability affects the following Cisco products running Cisco IMC Software: Unif...
Cisco Unified Computing System 3.0\\(1c\\)
Cisco Unified Computing System 2.2\\(8b\\)
Cisco Unified Computing System 3.1\\(2c\\)b
NA
CVE-2012-2694
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails prior to 3.0.14, 3.1.x prior to 3.1.6, and 3.2.x prior to 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote malicious u...
Rubyonrails Rails 3.0.12
Rubyonrails Rails 3.0.0
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 3.0.4
Rubyonrails Rails 3.0.7
Rubyonrails Rails 3.0.9
Rubyonrails Ruby On Rails
Rubyonrails Rails 3.0.13
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.3
Rubyonrails Rails 3.0.6
Rubyonrails Rails 3.0.8
Rubyonrails Rails 3.0.11
Rubyonrails Rails 3.0.10
Rubyonrails Rails 3.0.5
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.1.0
Rubyonrails Rails 3.1.2
Rubyonrails Rails 3.1.4
Rubyonrails Rails 3.1.5
Rubyonrails Rails 3.1.1
Rubyonrails Rails 3.1.3
1 Github repository
5.9
CVSSv3
CVE-2020-15237
In Shrine before version 3.3.0, when using the `derivation_endpoint` plugin, it's possible for the malicious user to use a timing attack to guess the signature of the derivation URL. The problem has been fixed by comparing sent and calculated signature in constant time, usin...
Shrinerb Shrine
NA
CVE-2012-2660
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails prior to 3.0.13, 3.1.x prior to 3.1.5, and 3.2.x prior to 3.2.4 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote malicious u...
Rubyonrails Rails 3.0.8
Rubyonrails Rails 3.0.6
Rubyonrails Rails 3.0.7
Rubyonrails Rails 3.0.9
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.12
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.0.5
Rubyonrails Rails 3.0.11
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.13
Rubyonrails Rails 3.0.4
Rubyonrails Rails 3.0.3
Rubyonrails Rails 3.0.10
Rubyonrails Rails 3.1.0
Rubyonrails Rails 3.1.1
Rubyonrails Rails 3.1.2
Rubyonrails Rails 3.1.4
Rubyonrails Rails 3.1.5
Rubyonrails Rails 3.1.3
Rubyonrails Rails 3.2.3
1 Github repository
7.1
CVSSv3
CVE-2015-7842
Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC7...
Huawei Rh2288 V3 Firmware
Huawei Rh2288h V3 Firmware
Huawei Xh628 V3 Firmware
Huawei Rh1288 V3 Firmware
Huawei Rh2288a V2 Firmware
Huawei Rh1288a V2 Firmware
Huawei Rh8100 V3 Firmware
Huawei Ch222 V3 Firmware
Huawei Ch220 V3 Firmware
Huawei Ch121 V3 Firmware
7.5
CVSSv3
CVE-2021-32997
The affected Baker Hughes Bentley Nevada products (3500 System 1 6.x, Part No. 3060/00 versions 6.98 and prior, 3500 System 1, Part No. 3071/xx & 3072/xx versions 21.1 HF1 and prior, 3500 Rack Configuration, Part No. 129133-01 versions 6.4 and prior, and 3500/22M Firmware, Pa...
Bakerhughes Bentley Nevada 3500 System 1 6.x \\(3060\\/00\\) Firmware
Bakerhughes Bentley Nevada 3500 System 1 \\(3072\\/xx\\) Firmware 21.1
Bakerhughes Bentley Nevada 3500 System 1 \\(3072\\/xx\\) Firmware
Bakerhughes Bentley Nevada 3500 System 1 \\(3071\\/xx\\) Firmware 21.1
Bakerhughes Bentley Nevada 3500 System 1 \\(3071\\/xx\\) Firmware
Bakerhughes Bentley Nevada 3500\\/22m \\(288055-01\\) Firmware
Bakerhughes Bentley Nevada 3500 Rack Configuration \\(129133-01\\) Firmware
9.8
CVSSv3
CVE-2015-7841
The login page of the server on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with...
Huawei Fusionserver Ch220 V3 V100r001c00
Huawei Fusionserver Ch222 V3 V100r001c00
Huawei Fusionserver Xh628 V3 V100r003c00
Huawei Fusionserver Rh2288h V3 V100r003c00
Huawei Fusionserver Rh2288 V3 V100r003c00
Huawei Fusionserver Ch121 V3 V100r001c00
Huawei Fusionserver Rh1288a V2 V100r002c00
Huawei Fusionserver Rh1288 V3 V100r003c00spc100
Huawei Fusionserver Rh8100 V3 V100r003c00
Huawei Fusionserver Rh2288a V2 V100r002c00
8.8
CVSSv3
CVE-2015-7843
The management interface on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with sof...
Huawei Fusionserver Rh1288a V2 V100r002c00
Huawei Fusionserver Rh2288a V2 V100r002c00
Huawei Fusionserver Rh1288 V3 V100r003c00spc100
Huawei Fusionserver Xh628 V3 V100r003c00
Huawei Fusionserver Ch222 V3 V100r001c00
Huawei Fusionserver Rh2288 V3 V100r003c00
Huawei Fusionserver Ch220 V3 V100r001c00
Huawei Fusionserver Rh8100 V3 V100r003c00
Huawei Fusionserver Rh2288h V3 V100r003c00
Huawei Fusionserver Ch121 V3 V100r001c00
5.9
CVSSv3
CVE-2022-23634
Puma is a Ruby/Rack web server built for parallelism. Prior to `puma` version `5.6.2`, `puma` may not always call `close` on the response body. Rails, prior to version `7.0.2.2`, depended on the response body being closed in order for its `CurrentAttributes` implementation to wor...
Puma Puma
Rubyonrails Rails
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »