Lucene search
K

18 matches found

Veracode
Veracode
added 2019/05/02 5:1 a.m.42 views

Arbitrary Code Execution

Red Hat CloudForms Management Engine delivers the insight, control, and automation enterprises need to address the challenges of managing virtual environments, which are far more complex than physical ones. This technology enables enterprises with existing virtual infrastructures to improve...

7.5CVSS7.1AI score0.34968EPSS
Exploits3References8Affected Software6
Github Security Blog
Github Security Blog
added 2017/10/24 6:33 p.m.55 views

Rails vulnerable to Cross-site Scripting

There is an XSS vulnerability in the numbertocurrency, numbertopercentage and numbertohuman helpers in Ruby on Rails. This vulnerability has been assigned the CVE identifier CVE-2014-0081. Versions Affected: All. Fixed Versions: 4.1.0.beta2, 4.0.3, 3.2.17. Impact ------ These helpers allows users...

4.3CVSS6AI score0.04032EPSS
Exploits0References12Affected Software2
OSV
OSV
added 2017/10/24 6:33 p.m.41 views

GHSA-M46P-GGM5-5J83 Rails vulnerable to Cross-site Scripting

There is an XSS vulnerability in the numbertocurrency, numbertopercentage and numbertohuman helpers in Ruby on Rails. This vulnerability has been assigned the CVE identifier CVE-2014-0081. Versions Affected: All. Fixed Versions: 4.1.0.beta2, 4.0.3, 3.2.17. Impact ------ These helpers allows users...

4.3CVSS6.5AI score0.04032EPSS
Exploits0References12
OpenVAS
OpenVAS
added 2015/03/06 12:0 a.m.44 views

Fedora Update for rubygem-actionpack FEDORA-2014-15371

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.53703EPSS
Exploits5References4
securityvulns
securityvulns
added 2014/06/14 12:0 a.m.101 views

[SECURITY] [DSA 2929-1] ruby-actionpack-3.2 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2929-1 [email protected] http://www.debian.org/security/ Florian Weimer May 16, 2014 http://www.debian.org/security/faq -...

5CVSS2.1AI score0.53703EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.43 views

openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2014:0295-1)

rubygem-actionpack-32 was updated to fix security issues : - fix CVE-2014-0081: XSS Vulnerability in numbertocurrency, numbertopercentage and numbertohuman bnc864433 - fix CVE-2014-0082: Denial of Service Vulnerability in Action View when using render :text bnc864431 %NASLMINLEVEL 70300 C Tenable...

5CVSS6.6AI score0.06193EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2014/05/26 12:0 a.m.51 views

Fedora Update for rubygem-actionpack FEDORA-2014-6098

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.53703EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2014/05/26 12:0 a.m.46 views

Fedora Update for rubygem-actionpack FEDORA-2014-6127

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.2AI score0.53703EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2014/05/19 12:0 a.m.52 views

Debian DSA-2929-1 : ruby-actionpack-3.2 - security update

Several vulnerabilities were discovered in Action Pack, a component of Ruby on Rails. - CVE-2014-0081 actionview/lib/actionview/helpers/numberhelper.rb contains multiple cross-site scripting vulnerabilities - CVE-2014-0082 actionpack/lib/actionview/template/text.rb performs symbol interning on MI...

7.5CVSS6.6AI score0.53703EPSS
Exploits2References9
Debian
Debian
added 2014/05/16 8:15 a.m.43 views

[SECURITY] [DSA 2929-1] ruby-actionpack-3.2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2929-1 [email protected] http://www.debian.org/security/ Florian Weimer May 16, 2014 http://www.debian.org/security/faq -...

7.5CVSS7.1AI score0.53703EPSS
Exploits2
OpenVAS
OpenVAS
added 2014/05/15 12:0 a.m.40 views

Debian: Security Advisory (DSA-2929-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.53703EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2014/03/12 12:0 a.m.47 views

Fedora Update for rubygem-actionpack FEDORA-2014-3232

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS7.2AI score0.207EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2014/03/12 12:0 a.m.43 views

Fedora Update for rubygem-activerecord FEDORA-2014-3169

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.3AI score0.04032EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2014/03/11 4:56 p.m.66 views

Critical: Red Hat Security Advisory: cfme security, bug fix, and enhancement update

Updated cfme packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat CloudForms 3.0. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, whic...

7.5CVSS7.3AI score0.34968EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2014/03/11 12:0 a.m.39 views

Fedora 20 : rubygem-actionpack-4.0.0-3.fc20 / rubygem-activerecord-4.0.0-2.fc20 (2014-3169)

This fixes Ruby on Rails 4.0.3 security CVEs : - CVE-2014-0080 - CVE-2014-0081 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

6.8CVSS7.2AI score0.04032EPSS
Exploits0References6
NVD
NVD
added 2014/02/20 3:27 p.m.21 views

CVE-2014-0081

Multiple cross-site scripting XSS vulnerabilities in actionview/lib/actionview/helpers/numberhelper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow remote attackers to inject arbitrary web script or HTML via the 1 format, 2 negativeformat, or 3 units...

4.3CVSS5.6AI score0.04032EPSS
Exploits0References8
CVE
CVE
added 2014/02/20 11:0 a.m.139 views

CVE-2014-0081

CVE-2014-0081 affects Ruby on Rails: multiple XSS flaws in actionview/lib/action_view/helpers/number_helper.rb allow remote injection via format, negative_format, or units in number_to_currency, number_to_percentage, and number_to_human. Affected Rails versions: 3.2.x before 3.2.17, 4.0.x before ...

4.3CVSS5.9AI score0.04032EPSS
Exploits0References8Affected Software2
RubySec
RubySec
added 2014/02/18 12:0 a.m.34 views

CVE-2014-0081 rubygem-actionpack: number_to_currency, number_to_percentage and number_to_human XSS vulnerability

Multiple cross-site scripting XSS vulnerabilities in actionview/lib/actionview/helpers/numberhelper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow remote attackers to inject arbitrary web script or HTML via the 1 format, 2 negativeformat, or 3 units...

4.3CVSS5.9AI score0.04032EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder