8 matches found
CVE-2018-3760
There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exist on the filesystem outside an application's root directory, when the Sprockets server is...
Clarifying the behavior of mandatory ASLR
Last week, the CERT/CC published an advisory describing some unexpected behavior they observed when enabling system-wide mandatory Address Space Layout Randomization (ASLR) using Windows Defender Exploit Guard (WDEG) and EMET on Windows 8 and above. In this blog post, we will explain the configuratio...
Symbol DoS vulnerability in Active Record
When a hash is provided as the find value for a query, the keys of the hash may be converted to symbols. Carefully crafted requests can coerce params[:name] to return a hash, and the keys to that hash may be converted to symbols. All users running an affected release should either upgrade or use on...
FreeBSD : Ruby Activemodel Gem -- Circumvention of attr_protected (beab40bf-c1ca-4d2b-ad46-2f14bac8a968)
Aaron Patterson reports: The attr_protected method allows developers to specify a blacklist of model attributes which users should not be allowed to assign to. By using a specially crafted request, attackers could circumvent this protection and alter values that were meant to be protected. All...
Ruby Activemodel Gem -- Circumvention of attr_protected
Aaron Patterson reports: The attr_protected method allows developers to specify a blacklist of model attributes which users should not be allowed to assign to. By using a specially crafted request, attackers could circumvent this protection and alter values that were meant to be protected. All use...
Talk to IT
Well in advance of your departure date, have a sit-down with IT to talk about your trip and about how to avoid exposing sensitive corporate assets and information to compromise. Your IT group will probably be able to help you find workarounds, secure a line back to the company network and even...
siu guarani - Multiple Vulnerabilities
multiple remote vulnerabilities siu guarani general information ------------------- bug type : multiple remote vulnerabilities software name : SIU Guarani vendor : SIU www.siu.edu.ar authors : proudhon & Ubik date : the 341st day of the year 2008 contact : N/A description : SIU-Guarani is a web...
Failed assertion in the Unreal engine
Luigi Auriemma Application: Unreal engine http://www.unrealtechnology.com Versions: the games which have been tested and resulted vulnerable are Unreal Tournament 3 1.3, Unreal Tournament 2003 and 2004, Dead Man's Hand, Pariah, WarPath, Postal2, Shadow Ops and possibly others. instead those which...