Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rack vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-21647
Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies in a way that allowed HTTP request smuggling. Fixed versions limits the size of chunk extensions. Without...
Puma Puma
NA
CVE-2023-38971
Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote malicious user to execute arbitrary code via a crafted payload to the rack number parameter in the add new rack function.
Uatech Badaso
NA
CVE-2023-40175
Puma is a Ruby/Rack web server built for parallelism. Prior to versions 6.3.1 and 5.6.7, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers in a way that allowed HTTP request smuggling. Severity of this issue is ...
Puma Puma
1 Github repository
NA
CVE-2023-20228
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient va...
Cisco Encs 5100 Firmware
Cisco Encs 5400 Firmware
Cisco Ucs C220 M5 Rack Server Firmware
Cisco Ucs E160s M3 Firmware
Cisco Ucs E180d M3 Firmware
Cisco Ucs-e1120d-m3 Firmware
NA
CVE-2023-33798
A stored cross-site scripting (XSS) vulnerability in the Create Rack (/dcim/rack/) function of Netbox v3.5.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
Netbox Netbox 3.5.1
NA
CVE-2023-33785
A stored cross-site scripting (XSS) vulnerability in the Create Rack Roles (/dcim/rack-roles/) function of Netbox v3.5.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
Netbox Netbox 3.5.1
NA
CVE-2023-27539
Several vulnerabilities were discovered in ruby-rack, a modular Ruby webserver interface, which may result in denial of service and shell escape sequence injection. For the oldstable distribution (bullseye), these problems have been fixed in version 2.1.4-3+deb11u1. We recommend ...
NA
CVE-2023-27530
A DoS vulnerability exists in Rack <v3.0.4.2, <v2.2.6.3, <v2.1.4.3 and <v2.0.9.3 within in the Multipart MIME parsing code in which could allow an malicious user to craft requests that can be abuse to cause multipart parsing to take longer than expected.
Rack Project Rack
Debian Debian Linux 10.0
Debian Debian Linux 11.0
NA
CVE-2023-20012
A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric Extender (FEX) when used in UCS Fabric Interconnect deployments could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability is due to the im...
Cisco Nexus 93180yc-fx3s Firmware -
Cisco Nexus 93180yc-fx3 Firmware -
Cisco Ucs Central Software
Cisco Ucs 6536 Firmware -
Cisco Ucs 64108 Firmware -
Cisco Ucs 6454 Firmware -
NA
CVE-2022-44570
A denial of service vulnerability in the Range header parsing component of Rack >= 1.5.0. A Carefully crafted input can cause the Range header parsing component in Rack to take an unexpected amount of time, possibly resulting in a denial of service attack vector. Any applicati...
Rack Project Rack
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »