Linux Distros Unpatched Vulnerability : CVE-2014-0083
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords. CVE-2014-0083 Note that Nessus relies on the presence of the package as...
Linux Distros Unpatched Vulnerability : CVE-2019-17383
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The netaddr gem before 2.0.4 for Ruby has misconfigured file permissions, such that a gem install may result in 0777 permissions in the target filesystem...
Linux Distros Unpatched Vulnerability : CVE-2024-26142
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatc...
Linux Distros Unpatched Vulnerability : CVE-2025-25292
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to...
Linux Distros Unpatched Vulnerability : CVE-2022-31072
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the g...
SUSE: Security Advisory (SUSE-SU-2025:02814-1)
The remote host is missing an update for the...
Linux Distros Unpatched Vulnerability : CVE-2024-32978
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kaminari is a paginator for web app frameworks and object relational mappings. A security vulnerability involving insecure file permissions has been identified ...
Linux Distros Unpatched Vulnerability : CVE-2017-0903
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypa...
Linux Distros Unpatched Vulnerability : CVE-2025-25291
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ruby-saml provides security assertion markup language (SAML) single sign-on (SSO) for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ruby2.5 (SUSE-SU-2025:02814-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02814-1 advisory. - CVE-2024-35221: Fixed remote denial of service via YAML manifest (bsc#1225905) Tenable has extracted the...
CVE-2011-10019
Spreecommerce versions prior to 0.60.2 contain a remote command execution vulnerability in its search functionality. The application fails to properly sanitize input passed via the searchsend parameter, which is dynamically invoked using Ruby’s send method. This allows attackers to execute...
Security update for ruby2.5
This update for ruby2.5 fixes the following issues: CVE-2024-35221: Fixed remote denial of service via YAML manifest (bsc#1225905) Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the...
SUSE-SU-2025:02814-1 Security update for ruby2.5
This update for ruby2.5 fixes the following issues: - CVE-2024-35221: Fixed remote denial of service via YAML manifest (bsc#1225905)...
GHSA-76R7-HHXJ-R776 vulnerabilities
Vulnerabilities for packages: ruby3.3-activerecord, ruby3.4-activerecord, ruby3.2-activerecord...
CVE-2025-55193 vulnerabilities
Vulnerabilities for packages: ruby3.3-activerecord, ruby3.4-activerecord, ruby3.2-activerecord...
GHSA-76R7-HHXJ-R776 vulnerabilities
Vulnerabilities for packages: ruby3.4-activerecord, ruby3.2-activerecord, ruby3.3-activerecord...
CVE-2025-55193 vulnerabilities
Vulnerabilities for packages: ruby3.4-activerecord, ruby3.2-activerecord, ruby3.3-activerecord...
Linux Distros Unpatched Vulnerability : CVE-2022-24790
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not properly validate that...
Malicious code in ruby-kafka-oauth-client (npm)
The package ruby-kafka-oauth-client was found to contain malicious code...
MAL-2025-9270 Malicious code in @ruby-team/sst-tasks (npm)
The package @ruby-team/sst-tasks was found to contain malicious code...