Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.52 views

openSUSE Security Update : rubygem-actionpack-2_3 (openSUSE-SU-2013:1905-1)

fix CVE-2013-6415: rubygem-actionpack: numbertocurrency XSS bnc853632. File CVE-2013-6415.patch contains the patch. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-987. The text...

4.3CVSS5.2AI score0.03171EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.54 views

openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2013:1904-1)

fix CVE-2013-4491: rubygem-actionpack: i18n missing translation XSS bnc853625. File CVE-2013-4491.patch contains the patch - fix CVE-2013-6414: rubygem-actionpack: Action View DoS bnc853633. File CVE-2013-6414.patch contains the patch. - fix CVE-2013-6415: rubygem-actionpack: numbertocurrency XSS...

6.4CVSS7.1AI score0.207EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.56 views

openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2013:1906-1)

fix CVE-2013-4491: rubygem-actionpack: i18n missing translation XSS bnc853625. File CVE-2013-4491.patch contains the patch - fix CVE-2013-6414: rubygem-actionpack: Action View DoS bnc853633. File CVE-2013-6414.patch contains the patch. - fix CVE-2013-6415: rubygem-actionpack: numbertocurrency XSS...

6.4CVSS7.1AI score0.207EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.52 views

openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2013:1907-1)

fix CVE-2013-4491: rubygem-actionpack: i18n missing translation XSS bnc853625. File CVE-2013-4491.patch contains the patch - fix CVE-2013-6414: rubygem-actionpack: Action View DoS bnc853633. File CVE-2013-6414.patch contains the patch. - fix CVE-2013-6415: rubygem-actionpack: numbertocurrency XSS...

6.4CVSS7.1AI score0.207EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.58 views

openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2014:0009-1)

This update fixes the following security issues with rubygem-actionpack-32 : - fix CVE-2013-4389: rubygem-actionmailer-31: possible DoS vulnerability in the log subscriber component bnc846239 File CVE-2013-4389.patch contains the fix. - fix CVE-2013-4491: rubygem-actionpack: i18n missing...

6.4CVSS7.3AI score0.207EPSS
Exploits4References12
OpenVAS
OpenVAS
added 2014/05/26 12:0 a.m.46 views

Fedora Update for rubygem-actionpack FEDORA-2014-6127

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.53703EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2014/05/26 12:0 a.m.51 views

Fedora Update for rubygem-actionpack FEDORA-2014-6098

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.53703EPSS
Exploits4References4
securityvulns
securityvulns
added 2014/05/04 12:0 a.m.101 views

[SECURITY] [DSA 2888-1] ruby-actionpack-3.2 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2888-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 27, 2014 http://www.debian.org/security/faq -...

6.4CVSS1.6AI score0.207EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2014/03/28 12:0 a.m.53 views

Debian DSA-2888-1 : ruby-actionpack-3.2 - security update

Toby Hsieh, Peter McLarnan, Ankit Gupta, Sudhir Rao and Kevin Reintjes discovered multiple cross-site scripting and denial of service vulnerabilities in Ruby Actionpack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

6.4CVSS7.8AI score0.207EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2014/03/21 12:0 a.m.39 views

Puppet Enterprise 3.x < 3.1.1 Multiple Vulnerabilities

According to its self-reported version number, the Puppet Enterprise 3.x install on the remote host is prior to 3.1.1. As a result, it is reportedly affected by multiple vulnerabilities : - An input validation error exists related to the included Ruby version, handling string to floating point...

6.8CVSS8AI score0.34968EPSS
Exploits6References15
OpenVAS
OpenVAS
added 2014/03/12 12:0 a.m.47 views

Fedora Update for rubygem-actionpack FEDORA-2014-3232

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS7.2AI score0.207EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2014/03/12 12:0 a.m.50 views

Fedora Update for rubygem-actionpack FEDORA-2013-23636

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS7.8AI score0.207EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2014/01/27 12:0 a.m.43 views

Fedora Update for rubygem-actionpack FEDORA-2014-0970

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS6.5AI score0.207EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2013/12/09 12:0 a.m.46 views

FreeBSD : rails -- multiple vulnerabilities (6a806960-3016-44ed-8575-8614a7cb57c7)

Rails weblog : Rails 3.2.16 and 4.0.2 have been released! These two releases contain important security fixes, so please upgrade as soon as possible! In order to make upgrading as smooth as possible, we've only included commits directly related to each security issue. The security fixes in 3.2.16...

6.4CVSS5.3AI score0.207EPSS
Exploits2References7
NVD
NVD
added 2013/12/07 12:55 a.m.22 views

CVE-2013-6415

Cross-site scripting XSS vulnerability in the numbertocurrency helper in actionpack/lib/actionview/helpers/numberhelper.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the unit parameter...

4.3CVSS5.4AI score0.03171EPSS
Exploits0References15
Debian CVE
Debian CVE
added 2013/12/07 12:0 a.m.53 views

CVE-2013-6415

Cross-site scripting XSS vulnerability in the numbertocurrency helper in actionpack/lib/actionview/helpers/numberhelper.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the unit parameter...

4.3CVSS5.6AI score0.03171EPSS
Exploits0
CVE
CVE
added 2013/12/07 12:0 a.m.127 views

CVE-2013-6415

CVE-2013-6415 is an XSS vulnerability in Ruby on Rails Action Pack, specifically in the number_to_currency helper (action_view number_helper.rb). It allows a remote attacker to inject arbitrary script/HTML via the unit parameter. Affected are Rails versions prior to 3.2.16 and 4.x prior to 4.0.2....

4.3CVSS5.4AI score0.03171EPSS
Exploits0References15Affected Software2
FreeBSD
FreeBSD
added 2013/12/03 12:0 a.m.57 views

rails -- multiple vulnerabilities

Rails weblog: Rails 3.2.16 and 4.0.2 have been released! These two releases contain important security fixes, so please upgrade as soon as possible! In order to make upgrading as smooth as possible, we've only included commits directly related to each security issue. The security fixes in 3.2.16...

6.4CVSS6.5AI score0.207EPSS
Exploits2References1
Rows per page
Query Builder