5.8CVSS
5.4AI Score
0.001EPSS
napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and <...
8.1CVSS
8.1AI Score
0.019EPSS
A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF...
4.3CVSS
4.5AI Score
0.003EPSS
A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information...
8.6CVSS
7.9AI Score
0.002EPSS
The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the locals argument of a render call to perform a...
8.8CVSS
8.5AI Score
0.965EPSS
A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in...
6.5CVSS
6.2AI Score
0.001EPSS
A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an...
9.8CVSS
9.1AI Score
0.666EPSS
A client side enforcement of server side security vulnerability exists in rails < 5.2.4.2 and rails < 6.0.3.1 ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be modified by an end user bypassing upload...
7.5CVSS
7.2AI Score
0.003EPSS
A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong...
7.5CVSS
8AI Score
0.006EPSS
A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie...
7.5CVSS
5.9AI Score
0.002EPSS
TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and <...
7.4CVSS
7.4AI Score
0.003EPSS
There is a vulnerability in actionpack_page-caching gem < v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote code execution if the attacker can write unescaped ERB to a...
9.8CVSS
9.5AI Score
0.027EPSS
7.5CVSS
7AI Score
0.002EPSS
An Open Redirect vulnerability was discovered in Revive Adserver version < 5.0.5 and reported by HackerOne user hoangn144. A remote attacker could trick logged-in users to open a specifically crafted link and have them redirected to any destination.The CSRF protection of the...
6.1CVSS
6.1AI Score
0.002EPSS
A security restriction bypass vulnerability has been discovered in Revive Adserver version < 5.0.5 by HackerOne user hoangn144. Revive Adserver, like many other applications, requires the logged in user to type the current password in order to change the e-mail address or the password. It was...
6.8CVSS
6.5AI Score
0.001EPSS
There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character...
6.4CVSS
6.6AI Score
0.001EPSS
The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of...
5.9CVSS
5AI Score
0.003EPSS
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is...
9.8CVSS
9.5AI Score
0.005EPSS
Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509...
7.5CVSS
8.2AI Score
0.004EPSS
Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value...
9.8CVSS
9.4AI Score
0.014EPSS
A reflected XSS vulnerability has been discovered in the publicly accessible afr.php delivery script of Revive Adserver <= 5.0.3 by Jacopo Tediosi. There are currently no known exploits: the session identifier cannot be accessed as it is stored in an http-only cookie as of v3.2.2. On older...
6.1CVSS
6.3AI Score
0.019EPSS
The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the (1) HTTPS_CA_DIR or (2) HTTPS_CA_FILE environment...
5.9CVSS
5.5AI Score
0.002EPSS
A potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFI_BOOT_SERVICES structure might be overwritten by an attacker to execute arbitrary...
7.2CVSS
7.3AI Score
0.001EPSS
7.5CVSS
7.6AI Score
0.001EPSS
There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server...
7.5CVSS
8.1AI Score
0.003EPSS
A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution...
9.8CVSS
9.5AI Score
0.967EPSS
There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be...
7.5CVSS
8.3AI Score
0.975EPSS
A Broken Access Control vulnerability in Active Job versions >= 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1,.....
7.5CVSS
7.2AI Score
0.002EPSS
A bypass vulnerability in Active Storage >= 5.2.0 for Google Cloud Storage and Disk services allow an attacker to modify the content-disposition and content-type parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as...
6.5CVSS
6.2AI Score
0.001EPSS
https-proxy-agent before 2.1.1 passes auth option to the Buffer constructor without proper sanitization, resulting in DoS and uninitialized memory leak in setups where an attacker could submit typed input to the 'auth' parameter (e.g....
9.1CVSS
8.9AI Score
0.007EPSS