Vulmon
rack vulnerabilities and exploits
5.9
CVSSv3
CVE-2020-15237
In Shrine before version 3.3.0, when using the `derivation_endpoint` plugin, it's possible for a malicious user to use a timing attack to guess the signature of the derivation URL. The problem has been fixed by comparing sent and calculated signature in constant time, usin...
Shrinerb Shrine
6.1
CVSSv3
CVE-2017-6604
A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote malicious user to redirect a user to a malicious web page. This vulnerability affects the following Cisco products running Cisco IMC Software: Unif...
Cisco Unified Computing System 3.0(1c)
Cisco Unified Computing System 2.2(8b)
Cisco Unified Computing System 3.1(2c)b
NA
CVE-2012-2660
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails prior to 3.0.13, 3.1.x prior to 3.1.5, and 3.2.x prior to 3.2.4 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote malicious u...
Rubyonrails Rails 3.0.8
Rubyonrails Rails 3.0.6
Rubyonrails Rails 3.0.7
Rubyonrails Rails 3.0.9
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.12
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.0.5
Rubyonrails Rails 3.0.11
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.13
Rubyonrails Rails 3.0.4
Rubyonrails Rails 3.0.3
Rubyonrails Rails 3.0.10
Rubyonrails Rails 3.1.0
Rubyonrails Rails 3.1.1
Rubyonrails Rails 3.1.2
Rubyonrails Rails 3.1.4
Rubyonrails Rails 3.1.5
Rubyonrails Rails 3.1.3
Rubyonrails Rails 3.2.3
1 Github repository
NA
CVE-2012-2694
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails prior to 3.0.14, 3.1.x prior to 3.1.6, and 3.2.x prior to 3.2.6 does not properly consider differences in parameter handling between the Active Record component and the Rack interface, which allows remote malicious u...
Rubyonrails Rails 3.0.12
Rubyonrails Rails 3.0.0
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 3.0.4
Rubyonrails Rails 3.0.7
Rubyonrails Rails 3.0.9
Rubyonrails Ruby On Rails
Rubyonrails Rails 3.0.13
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.3
Rubyonrails Rails 3.0.6
Rubyonrails Rails 3.0.8
Rubyonrails Rails 3.0.11
Rubyonrails Rails 3.0.10
Rubyonrails Rails 3.0.5
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.1.0
Rubyonrails Rails 3.1.2
Rubyonrails Rails 3.1.4
Rubyonrails Rails 3.1.5
Rubyonrails Rails 3.1.1
Rubyonrails Rails 3.1.3
1 Github repository
7.5
CVSSv3
CVE-2021-32997
The affected Baker Hughes Bentley Nevada products (3500 System 1 6.x, Part No. 3060/00 versions 6.98 and prior, 3500 System 1, Part No. 3071/xx & 3072/xx versions 21.1 HF1 and prior, 3500 Rack Configuration, Part No. 129133-01 versions 6.4 and prior, and 3500/22M Firmware, Pa...
Bakerhughes Bentley Nevada 3500 System 1 6.x (3060/00) Firmware
Bakerhughes Bentley Nevada 3500 System 1 (3072/xx) Firmware 21.1
Bakerhughes Bentley Nevada 3500 System 1 (3072/xx) Firmware
Bakerhughes Bentley Nevada 3500 System 1 (3071/xx) Firmware 21.1
Bakerhughes Bentley Nevada 3500 System 1 (3071/xx) Firmware
Bakerhughes Bentley Nevada 3500/22m (288055-01) Firmware
Bakerhughes Bentley Nevada 3500 Rack Configuration (129133-01) Firmware
7.1
CVSSv3
CVE-2015-7842
Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with software before V100R002C00SPC7...
Huawei Rh2288 V3 Firmware
Huawei Rh2288h V3 Firmware
Huawei Xh628 V3 Firmware
Huawei Rh1288 V3 Firmware
Huawei Rh2288a V2 Firmware
Huawei Rh1288a V2 Firmware
Huawei Rh8100 V3 Firmware
Huawei Ch222 V3 Firmware
Huawei Ch220 V3 Firmware
Huawei Ch121 V3 Firmware
9.8
CVSSv3
CVE-2015-7841
The login page of the server on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with...
Huawei Fusionserver Ch220 V3 V100r001c00
Huawei Fusionserver Ch222 V3 V100r001c00
Huawei Fusionserver Xh628 V3 V100r003c00
Huawei Fusionserver Rh2288h V3 V100r003c00
Huawei Fusionserver Rh2288 V3 V100r003c00
Huawei Fusionserver Ch121 V3 V100r001c00
Huawei Fusionserver Rh1288a V2 V100r002c00
Huawei Fusionserver Rh1288 V3 V100r003c00spc100
Huawei Fusionserver Rh8100 V3 V100r003c00
Huawei Fusionserver Rh2288a V2 V100r002c00
8.8
CVSSv3
CVE-2015-7843
The management interface on Huawei FusionServer rack servers RH2288 V3 with software before V100R003C00SPC603, RH2288H V3 with software before V100R003C00SPC503, XH628 V3 with software before V100R003C00SPC602, RH1288 V3 with software before V100R003C00SPC602, RH2288A V2 with sof...
Huawei Fusionserver Rh1288a V2 V100r002c00
Huawei Fusionserver Rh2288a V2 V100r002c00
Huawei Fusionserver Rh1288 V3 V100r003c00spc100
Huawei Fusionserver Xh628 V3 V100r003c00
Huawei Fusionserver Ch222 V3 V100r001c00
Huawei Fusionserver Rh2288 V3 V100r003c00
Huawei Fusionserver Ch220 V3 V100r001c00
Huawei Fusionserver Rh8100 V3 V100r003c00
Huawei Fusionserver Rh2288h V3 V100r003c00
Huawei Fusionserver Ch121 V3 V100r001c00
5.9
CVSSv3
CVE-2022-23634
Puma is a Ruby/Rack web server built for parallelism. Prior to `puma` version `5.6.2`, `puma` may not always call `close` on the response body. Rails, prior to version `7.0.2.2`, depended on the response body being closed in order for its `CurrentAttributes` implementation to wor...
Puma Puma
Rubyonrails Rails
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
9.8
CVSSv3
CVE-2023-40175
Puma is a Ruby/Rack web server built for parallelism. Prior to versions 6.3.1 and 5.6.7, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers in a way that allowed HTTP request smuggling. Severity of this issue is ...
Puma Puma
1 Github repository