Skip to main content
CVE-2014-0130 HIGH KEV PATCH THREAT Act Now

Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 45.4%.

Path Traversal
NVD VulDB
CVSS 3.1
7.5
EPSS
45.4%
Threat
4.4
CVE-2014-2913 HIGH POC THREAT Act Now

Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 18.6%.

Information Disclosure Remote Plugin Executor Opensuse
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
18.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy