CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OpenVAS•added 2022/01/28 12:0 a.m.•26 views

Mageia: Security Advisory (MGASA-2020-0252)

8.6CVSS7AI score0.00907EPSS

Exploits0References7

OpenVAS•added 2022/01/28 12:0 a.m.•9 views

Mageia: Security Advisory (MGASA-2014-0156)

4.3CVSS6.6AI score0.00273EPSS

Exploits1References4

Tenable Nessus•added 2021/05/19 12:0 a.m.•25 views

Debian DSA-4918-1 : ruby-rack-cors - security update

Improper pathname handling in ruby-rack-cors, a middleware that makes Rack-based apps CORS compatible, may result in access to private resources. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisor...

OpenVAS•added 2021/05/19 12:0 a.m.•15 views

Exploits0References5

Debian: Security Advisory (DSA-4918-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.4AI score0.00777EPSS

Debian•added 2021/05/18 2:42 p.m.•22 views

[SECURITY] [DSA 4918-1] ruby-rack-cors security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4918-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 18, 2021 https://www.debian.org/security/faq -...

5CVSS1.5AI score0.00777EPSS

Debian•added 2021/05/18 2:42 p.m.•24 views

[SECURITY] [DSA 4918-1] ruby-rack-cors security update

Snyk•added 2021/05/12 9:55 a.m.•1 views

Denial of Service (DoS)

Overview puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Puma is intended for use in both development and production environments. It's great for highly concurrent Ruby implementations such as Rubinius and JRuby as well as as providing process...

7.5CVSS6.9AI score0.01587EPSS

Exploits0References2

OpenVAS•added 2021/04/07 12:0 a.m.•26 views

Ubuntu: Security Advisory (USN-4561-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS6.9AI score0.00907EPSS

Exploits1References2

Tenable Nessus•added 2020/10/08 12:0 a.m.•41 views

Debian DLA-2398-1 : puma security update

Several security vulnerabilities have been discovered in puma, highly concurrent HTTP server for Ruby/Rack applications. CVE-2020-11076 By using an invalid transfer-encoding header, an attacker could smuggle an HTTP response. CVE-2020-11077 client could smuggle a request through a proxy, causing...

7.5CVSS6.9AI score0.01782EPSS

Exploits0References5

OpenVAS•added 2020/10/06 12:0 a.m.•18 views

Ubuntu: Security Advisory (USN-4571-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.4AI score0.00777EPSS

Exploits0References2

OSV•added 2020/10/05 6:20 p.m.•3 views

USN-4571-1 ruby-rack-cors vulnerability

It was discovered that rack-cors did not properly handle relative file paths. An attacker could use this vulnerability to access arbitrary files...

5.3CVSS6.1AI score0.00777EPSS

Exploits0References2

Ubuntu•added 2020/10/05 6:20 p.m.•61 views

USN-4571-1: rack-cors vulnerability

It was discovered that rack-cors did not properly handle relative file paths. An attacker could use this vulnerability to access arbitrary files...

5.3CVSS5.8AI score0.00777EPSS

Tenable Nessus•added 2020/10/05 12:0 a.m.•21 views

Debian DLA-2389-1 : ruby-rack-cors security update

This package allowed ../ directory traversal to access private resources because resource matching did not ensure that pathnames were in a canonical format. For Debian 9 stretch, this problem has been fixed in version 0.4.0-1+deb9u2. We recommend that you upgrade your ruby-rack-cors packages. For...

OpenVAS•added 2020/10/02 12:0 a.m.•53 views

Debian: Security Advisory (DLA-2389-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS7AI score0.00777EPSS

Debian•added 2020/10/01 12:17 p.m.•26 views

[SECURITY] [DLA 2389-1] ruby-rack-cors security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2389-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta October 01, 2020 https://wiki.debian.org/LTS -...