15 matches found
CVE-2026-34786 vulnerabilities
Vulnerabilities for packages: ruby3.3-rack, logstash, ruby3.4-rails, ruby3.4-rack, ruby4.0-rack, ruby3.2-rack, kube-fluentd-operator, ruby3.2-rails...
CVE-2026-34786 vulnerabilities
Vulnerabilities for packages: ruby3.2-rails, gitlab-cng, kube-fluentd-operator, pact-broker-docker-fips, pact-broker-docker, ruby3.2-rack, ruby4.0-rack, ruby3.4-rack, ruby3.3-rack, ruby3.4-rails, gitlab-rails-ce, logstash, gitlab-rails-ce-fips...
Linux Distros Unpatched Vulnerability : CVE-2026-34786
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static#applicable_rules evaluates several header_rules types agains...
CVE-2026-34786
Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static#applicable_rules evaluates several header_rules types against the raw URL-encoded PATH_INFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a...
CVE-2026-34786 Rack: Rack::Static header_rules bypass via URL-encoded paths
Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static#applicable_rules evaluates several header_rules types against the raw URL-encoded PATH_INFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a...
CVE-2026-34786
Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Static#applicable_rules evaluates several header_rules types against the raw URL-encoded PATH_INFO, while the underlying file-serving path is decoded before the file is served. As a result, a request for a...
CVE-2024-34786
UniFi iOS app 10.15.0 introduces a misconfiguration on 2nd Generation UniFi Access Points configured as standalone not using UniFi Network Application that could cause the SSID name to change and/or the WiFi Password to be removed on the 5GHz Radio. This vulnerability is fixed in UniFi iOS app...
CVE-2024-34786

| creationtimestamp | type | source |
|---|---|---|
| 2024-07-09 04:42:37+00:00 | seen | https://t.me/cvedetector/224... |

CVE-2024-34786
UniFi iOS app 10.15.0 introduces a misconfiguration on 2nd Generation UniFi Access Points configured as standalone not using UniFi Network Application that could cause the SSID name to change and/or the WiFi Password to be removed on the 5GHz Radio. This vulnerability is fixed in UniFi iOS app...
CVE-2022-34786

| creationtimestamp | type | source |
|---|---|---|
| 2022-06-30 22:38:54+00:00 | seen | https://t.me/cibsecurity/45437... |

CVE-2022-34786
CVE-2022-34786 affects Jenkins Rich Text Publisher Plugin (versions 1.4 and earlier). The issue is that the plugin does not escape the HTML in the message set by its post-build step, causing stored cross-site scripting (XSS) when an attacker can configure jobs. The Red Hat and other connected doc...
CVE-2021-34786

| creationtimestamp | type | source |
|---|---|---|
| 2021-09-09 12:29:15+00:00 | seen | https://t.me/cibsecurity/28544... |

CVE-2021-34786
Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system...
CVE-2021-34786
Cisco BroadWorks CommPilot Application Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system. The CVE-2021-34786 entry maps to Cisco BroadWorks CommPilot issues; Cisco’s adv...
CVE-2025-34786
This CVE entry is rejected/not used and does not represent an active vulnerability entry.