rack vulnerabilities and exploits
NA
CVE-2022-44571
There is a denial of service vulnerability in the Content-Disposition parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1, 3.0.0.1. This could allow a malicious user to craft an input that can cause Content-Disposition header parsing in Rack to take an unexpected amount o...
Rack Project Rack
NA
CVE-2022-44572
A denial of service vulnerability in the multipart parsing component of Rack fixed in 2.0.9.2, 2.1.4.2, 2.2.4.1 and 3.0.0.1 could allow a malicious user to craft input that can cause RFC2183 multipart boundary parsing in Rack to take an unexpected amount of time, possibly resulti...
Rack Project Rack
NA
CVE-2022-30122
A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack.
Rack Project Rack
Debian Debian Linux 11.0
NA
CVE-2022-30123
A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow a possible shell escape in the Lint and CommonLogger components of Rack.
Rack Project Rack
Debian Debian Linux 11.0
445
VMScore
CVE-2021-32997
The affected Baker Hughes Bentley Nevada products (3500 System 1 6.x, Part No. 3060/00 versions 6.98 and prior, 3500 System 1, Part No. 3071/xx & 3072/xx versions 21.1 HF1 and prior, 3500 Rack Configuration, Part No. 129133-01 versions 6.4 and prior, and 3500/22M Firmware, Pa...
Bakerhughes Bentley Nevada 3500 System 1 6.x (3060/00) Firmware
Bakerhughes Bentley Nevada 3500 System 1 (3072/xx) Firmware 21.1
Bakerhughes Bentley Nevada 3500 System 1 (3072/xx) Firmware
Bakerhughes Bentley Nevada 3500 System 1 (3071/xx) Firmware 21.1
Bakerhughes Bentley Nevada 3500 System 1 (3071/xx) Firmware
Bakerhughes Bentley Nevada 3500/22m (288055-01) Firmware
Bakerhughes Bentley Nevada 3500 Rack Configuration (129133-01) Firmware
321
VMScore
CVE-2022-22558
Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of servic...
Dell R6415 Firmware
Dell R7415 Firmware
Dell R7425 Firmware
Dell R730 Firmware
Dell R730xd Firmware
Dell R630 Firmware
Dell C4130 Firmware
Dell M630 Firmware
Dell M630p Firmware
Dell Fc630 Firmware
Dell Fc430 Firmware
Dell M830 Firmware
Dell M830p Firmware
Dell Fc830 Firmware
Dell T630 Firmware
Dell R530 Firmware
Dell R430 Firmware
Dell T430 Firmware
Dell R830 Firmware
Dell C6320 Firmware
445
VMScore
CVE-2022-24790
Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request sta...
Puma Puma
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
384
VMScore
CVE-2022-23634
Puma is a Ruby/Rack web server built for parallelism. Prior to `puma` version `5.6.2`, `puma` may not always call `close` on the response body. Rails, prior to version `7.0.2.2`, depended on the response body being closed in order for its `CurrentAttributes` implementation to wor...
Puma Puma
Rubyonrails Rails
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
534
VMScore
CVE-2021-22825
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could allow a malicious user to access the system with elevated privileges when a privileged account clicks on a malicious URL that compromises the security token. Affected Products: ...
Schneider-electric Rack Power Distribution Unit With Network Management Card 2 Firmware
Schneider-electric Rack Power Distribution Unit With Network Management Card 3 Firmware
383
VMScore
CVE-2021-22810
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists that could cause arbitrary script execution when a privileged account clicks on a malicious URL specifically crafted for the NMC pointing to a delete pol...
Schneider-electric Network Management Card 2 Firmware
Schneider-electric Network Management Card 3 Firmware