Lucene search
K

3051 matches found

OSV
OSV
added 2006/08/14 9:4 p.m.10 views

CVE-2006-4112

Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service application hang or "data loss," a differen...

7.3AI score
Exploits0References14
OSV
OSV
added 2006/08/14 9:4 p.m.4 views

DEBIAN-CVE-2006-4112

Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service application hang or "data loss," a differen...

7.5CVSS7.8AI score0.03063EPSS
Exploits0References1
NVD
NVD
added 2006/08/14 9:4 p.m.17 views

CVE-2006-4112

Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service application hang or "data loss," a differen...

7.5CVSS7.3AI score0.03063EPSS
Exploits0References11
CVE
CVE
added 2006/08/14 9:0 p.m.86 views

CVE-2006-4112

CVE-2006-4112 concerns Ruby on Rails 1.1.0–1.1.5 where the dependency resolution mechanism in routing can be triggered to execute arbitrary Ruby code via an improperly handled URL, potentially causing DoS (application hang) or data loss. The issue is distinct from CVE-2006-4111. Public sources in...

7.5CVSS7.2AI score0.03063EPSS
Exploits0References11Affected Software1
Debian CVE
Debian CVE
added 2006/08/14 9:0 p.m.60 views

CVE-2006-4112

Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service application hang or "data loss," a differen...

7.5CVSS7.1AI score0.03063EPSS
Exploits0
Cvelist
Cvelist
added 2006/08/14 9:0 p.m.29 views

CVE-2006-4112

Unspecified vulnerability in the "dependency resolution mechanism" in Ruby on Rails 1.1.0 through 1.1.5 allows remote attackers to execute arbitrary Ruby code via a URL that is not properly handled in the routing code, which leads to a denial of service application hang or "data loss," a differen...

7.2AI score0.03063EPSS
Exploits0References11
FreeBSD
FreeBSD
added 2006/08/09 12:0 a.m.19 views

rubygem-rails -- evaluation of ruby code

The Ruby on Rails blog reports: With Rails 1.1.0 through 1.1.5 minus the short-lived 1.1.3, you can trigger the evaluation of Ruby code through the URL because of a bug in the routing code of Rails. This means that you can essentially take down a Rails process by starting something like...

0.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2006/07/03 12:0 a.m.46 views

CentOS 3 / 4 : postgresql (CESA-2005:433)

Updated postgresql packages that fix several security vulnerabilities and risks of data loss are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management system DBMS that...

7.5CVSS5.8AI score0.02045EPSS
Exploits0References8
exploitpack
exploitpack
added 2006/05/22 12:0 a.m.16 views

Sun Java Runtime Environment 1.31.41.5 - Nested Array Objects Denial of Service

Sun Java Runtime Environment 1.31.41.5 - Nested Array Objects Denial of Service source: https://www.securityfocus.com/bid/18058/info The Sun Java Runtime Environment is vulnerable to a denial-of-service vulnerability. This issue is due to the software's failure to handle exceptional conditions...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2006/05/22 12:0 a.m.23 views

Sun Java Runtime Environment 1.3/1.4/1.5 - Nested Array Objects Denial of Service

source: https://www.securityfocus.com/bid/18058/info The Sun Java Runtime Environment is vulnerable to a denial-of-service vulnerability. This issue is due to the software's failure to handle exceptional conditions. This issue is reported to affect Java Runtime Environment versions up to 1.4.211...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.18 views

Ubuntu 4.10 / 5.04 : tiff vulnerability (USN-156-1)

Wouter Hanegraaff discovered that the TIFF library did not sufficiently validate the 'YCbCr subsampling' value in TIFF image headers. Decoding a malicious image with a zero value resulted in an arithmetic exception, which caused the program that uses the TIFF library to crash. This leads to a...

5.4AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.17 views

osTicket setup.php Accessibility

The target is running at least one instance of an improperly secured installation of osTicket and allows access to setup.php. Since that script does not require authenticated access, it is possible for an attacker to modify osTicket's configuration using a specially crafted call to setup.php to...

6.7AI score
Exploits0
securityvulns
securityvulns
added 2005/07/29 12:0 a.m.19 views

[USN-156-1] TIFF vulnerability

=========================================================== Ubuntu Security Notice USN-156-1 July 29, 2005 tiff vulnerability https://bugzilla.ubuntu.com/showbug.cgi?id=12008 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2005/07/18 12:0 a.m.24 views

Skype Technologies Skype 0.921.01.1 - Insecure Temporary File Creation

Skype Technologies Skype 0.921.01.1 - Insecure Temporary File Creation source: https://www.securityfocus.com/bid/14293/info Skype is affected by an insecure temporary file creation vulnerability. Exploitation would most likely result in loss of data or a denial of service if critical files are...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/07/13 12:0 a.m.37 views

FreeBSD : python -- SimpleXMLRPCServer.py allows unrestricted traversal (6afa87d3-764b-11d9-b0e7-0000e249a0a2)

According to Python Security Advisory PSF-2005-001, The Python development team has discovered a flaw in the SimpleXMLRPCServer library module which can give remote attackers access to internals of the registered object or its module or possibly other modules. The flaw only affects Python XML-RPC...

7.5CVSS5.5AI score0.05386EPSS
Exploits0References3
Cent OS
Cent OS
added 2005/06/01 5:46 p.m.89 views

postgresql, rh security update

CentOS Errata and Security Advisory CESA-2005:433 Updated postgresql packages that fix several security vulnerabilities and risks of data loss are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PostgreSQL is an advanced...

7.5CVSS5.8AI score0.02045EPSS
Exploits0References10
Cent OS
Cent OS
added 2005/05/19 6:33 p.m.67 views

evolution security update

CentOS Errata and Security Advisory CESA-2005:238 Updated evolution packages that fix various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management PIM tools...

9.8CVSS5.8AI score0.03179EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2005/05/19 12:17 p.m.25 views

Low: Red Hat Security Advisory: evolution security update

Updated evolution packages that fix various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Evolution is the GNOME collection of personal information management PIM tools. Evolution includes a mailer, calendar, contact manage...

9.8CVSS5.8AI score0.03179EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2005/05/11 12:0 a.m.31 views

ColdFusion Error Page XSS

Binary data 2893.prm...

7.3AI score
Exploits0References1
CVE
CVE
added 2005/03/28 5:0 a.m.50 views

CVE-2002-1642

This CVE affects PostgreSQL 7.2.1 and 7.2.2. The vulnerability arises in the VACUUM path, where local users can delete transaction log data (pg_clog), leading to a denial of service and potential data loss. The connected Red Hat/RH and NVD sources corroborate that the issue concerns local access ...

7.2CVSS6.3AI score0.00435EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder