CVSS: 4.3EPSS: 0%CPEs: 137EXPL: 0CVE-2014-7818
https://notcve.org/view.php?id=CVE-2014-7818
Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.20, 4.0.x before 4.0.11, 4.1.x before 4.1.7, and 4.2.x before 4.2.0.beta3, when serve_static_assets is enabled, allows remote attackers to determine the existence of files outside the application root via a /..%2F sequence. Vulnerabilidad de salto de directorio en actionpack/lib/action_dispatch/middleware/static.rb en Action Pack en Ruby on Rails 3.x anterior a 3.2.20, 4.0.x anterior a 4.0.11, 4.1.x anterior a 4.1.7, y 4.2.x anterior a 4.2.0.beta3, cuando serve_static_assets está habilitado, permite a atacantes remotos determinar la existencia de ficheros fuera del root de la aplicación a través de una secuencia /..%2F. • http://lists.opensuse.org/opensuse-updates/2014-11/msg00112.html https://groups.google.com/forum/message/raw?msg=rubyonrails-security/dCp7duBiQgo/v_R_8PFs5IwJ https://puppet.com/security/cve/cve-2014-7829 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 79%CPEs: 27EXPL: 0CVE-2014-3693 – libreoffice: Use-After-Free in socket manager of Impress Remote
https://notcve.org/view.php?id=CVE-2014-3693
Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599. Vulnerabilidad de uso después de liberación en el gestor del socket de Impress Remote en LibreOffice 4.x anterior a 4.2.7 y 4.3.x anterior a 4.3.3 permite a atacantes remotos causar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de una solicitud manipulada al puerto TCP 1599. A use-after-free flaw was found in the "Remote Control" capabilities of the LibreOffice Impress application. An attacker could use this flaw to remotely execute code with the permissions of the user running LibreOffice Impress. • http://lists.opensuse.org/opensuse-updates/2014-11/msg00049.html http://rhn.redhat.com/errata/RHSA-2015-0377.html http://secunia.com/advisories/62111 http://secunia.com/advisories/62132 http://secunia.com/advisories/62396 http://www.securityfocus.com/bid/71351 http://www.ubuntu.com/usn/USN-2398-1 https://security.gentoo.org/glsa/201603-05 https://www.libreoffice.org/about-us/security/advisories/CVE-2014-3693 https://access.redhat.com/security/cve/CVE-2014-3693 https:& • CWE-416: Use After Free •
CVSS: 5.0EPSS: 2%CPEs: 6EXPL: 0CVE-2014-8483
https://notcve.org/view.php?id=CVE-2014-8483
The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string. La función blowfishECB en core/cipher.cpp en Quassel IRC 0.10.0 permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de una cadena malformada. • http://bugs.quassel-irc.org/issues/1314 http://lists.opensuse.org/opensuse-updates/2014-11/msg00028.html http://lists.opensuse.org/opensuse-updates/2014-11/msg00046.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html http://secunia.com/advisories/61932 http://secunia.com/advisories/62035 http://secunia.com/advisories/62261 http://www.debian.org/security/2014/dsa-3063 http://www.debian.org/security/2014/dsa-3068 http://www.ubuntu.com/usn/USN-2401-1 h • CWE-125: Out-of-bounds Read •
CVSS: 5.0EPSS: 9%CPEs: 31EXPL: 1CVE-2014-8080 – ruby: REXML billion laughs attack via parameter entity expansion
https://notcve.org/view.php?id=CVE-2014-8080
The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack. El analizador REXML en Ruby 1.9.x anterior a 1.9.3-p550, 2.0.x anterior a 2.0.0-p594, y 2.1.x anterior a 2.1.4 permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de un documento XML manipulado, también conocido como un ataque de la expansión de entidad XML (XEE). • http://advisories.mageia.org/MGASA-2014-0443.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://lists.opensuse.org/opensuse-updates/2014-12/msg00035.html http://lists.opensuse.org/opensuse-updates/2015-01/msg00000.html http://lists.opensuse.org/opensuse-updates/2015-01/msg00004.html http://rhn.redhat.com/errata/RHSA-2014-1911.html http://rhn.redhat.com/errata/RHSA-2014-1912.html http://rhn.redhat.com/errata/RHSA-2014-1913.html http://rhn.r • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 5.1EPSS: 0%CPEs: 6EXPL: 0CVE-2013-0334 – rubygem-bundler: 'bundle install' may install a gem from a source other than expected
https://notcve.org/view.php?id=CVE-2013-0334
Bundler before 1.7, when multiple top-level source lines are used, allows remote attackers to install arbitrary gems by creating a gem with the same name as another gem in a different source. Bundler anterior a 1.7, cuando múltiples líneas de fuentes del máximo nivel están utilizadas, permite a atacantes remotos instalar gemas arbitrarias con el mismo nombre como otra gema en una fuente diferente. A flaw was found in the way Bundler handled gems available from multiple sources. An attacker with access to one of the sources could create a malicious gem with the same name, which they could then use to trick a user into installing, potentially resulting in execution of code from the attacker-supplied malicious gem. • http://bundler.io/blog/2014/08/14/bundler-may-install-gems-from-a-different-source-than-expected-cve-2013-0334.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140609.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140654.html http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140655.html http://lists.opensuse.org/opensuse-updates/2015-03/msg00092.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http&# • CWE-20: Improper Input Validation CWE-345: Insufficient Verification of Data Authenticity •