Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rack project rack vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2018-16470
There is a possible DoS vulnerability in the multipart parser in Rack prior to 2.0.6. Specially crafted requests can cause the multipart parser to enter a pathological state, causing the parser to use CPU resources disproportionate to the request size.
Rack Project Rack 2.0.5
Rack Project Rack 2.0.4
445
VMScore
CVE-2015-3193
The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 prior to 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote malicious users to obt...
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
Nodejs Node.js
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
1 Github repository
445
VMScore
CVE-2015-1794
The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 prior to 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message.
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
1 Article
445
VMScore
CVE-2015-0207
The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 prior to 1.0.2a does not properly isolate the state information of independent data streams, which allows remote malicious users to cause a denial of service (application crash) via crafted DTLS traffic, as demonstrated by DT...
Openssl Openssl 1.0.2
445
VMScore
CVE-2015-0290
The multi-block feature in the ssl3_write_bytes function in s3_pkt.c in OpenSSL 1.0.2 prior to 1.0.2a on 64-bit x86 platforms with AES NI support does not properly handle certain non-blocking I/O cases, which allows remote malicious users to cause a denial of service (pointer cor...
Openssl Openssl 1.0.2
445
VMScore
CVE-2014-3569
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected ...
Openssl Openssl 1.0.1j
445
VMScore
CVE-2013-0183
multipart/parser.rb in Rack 1.3.x prior to 1.3.8 and 1.4.x prior to 1.4.3 allows remote malicious users to cause a denial of service (memory consumption and out-of-memory error) via a long string in a Multipart HTTP packet.
Rack Project Rack 1.3.1
Rack Project Rack 1.3.7
Rack Project Rack 1.3.2
Rack Project Rack 1.3.5
Rack Project Rack 1.3.6
Rack Project Rack 1.3.0
Rack Project Rack 1.3.4
Rack Project Rack 1.3.3
Rack Project Rack 1.4.2
Rack Project Rack 1.4.0
Rack Project Rack 1.4.1
445
VMScore
CVE-2011-5036
Rack prior to 1.1.3, 1.2.x prior to 1.2.5, and 1.3.x prior to 1.3.6 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sending many ...
Rack Project Rack 1.3.0
Rack Project Rack 1.3.1
Rack Project Rack 1.2.0
Rack Project Rack 1.2.1
Rack Project Rack 1.3.4
Rack Project Rack 1.3.5
Rack Project Rack 1.2.2
Rack Project Rack 1.2.3
Rack Project Rack 1.2.4
Rack Project Rack
Rack Project Rack 1.3.2
Rack Project Rack 1.3.3
430
VMScore
CVE-2017-5754
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
Intel Pentium N N3700
Intel Pentium N N3710
Intel Celeron N N3000
Intel Celeron N N3010
Intel Celeron N N3050
Intel Celeron N N2930
Intel Celeron N N2920
Intel Celeron N N2808
Intel Celeron N N2807
Intel Celeron J J3060
Intel Celeron J J1900
Intel Atom X3 C3295rk
Intel Atom X3 C3235rk
Intel Atom Z Z3775d
Intel Atom Z Z3775
Intel Atom Z Z3736f
Intel Atom Z Z3735g
Intel Atom Z Z3560
Intel Atom Z Z3530
Intel Atom Z Z2480
Intel Atom Z Z2460
Intel Atom C C3308
41 Github repositories
8 Articles
419
VMScore
CVE-2018-3640
Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Var...
Intel Pentium J J4205
Intel Celeron N N3450
Intel Atom Z Z2560
Intel Atom Z Z2580
Intel Atom Z Z3590
Intel Atom Z Z3735d
Intel Atom Z Z3740d
Intel Atom Z Z3745
Intel Atom Z Z3795
Intel Atom Z Z2420
Intel Atom C C3338
Intel Atom C C3508
Intel Atom C C3830
Intel Atom C C3850
Intel Xeon Silver 4110
Intel Xeon Silver 4112
Intel Xeon Platinum 8160
Intel Xeon Platinum 8160f
Intel Xeon Platinum 8176
Intel Xeon Platinum 8176f
Intel Xeon Gold 85120
Intel Pentium Silver J5005
3 Github repositories
4 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »