Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

14147 matches found

Tenable Nessus
Tenable Nessusadded 2025/03/10 12:0 a.m.13 views

Debian dla-4082 : libruby2.7 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4082 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4082-1 [email protected]...

7.5CVSS7AI score0.00315EPSS
Exploits0References8
CNNVD
CNNVDadded 2025/03/10 12:0 a.m.2 views

Rack 安全漏洞

Rack is a modular Ruby web server interface open-sourced by Rack. A security vulnerability exists in Rack versions prior to 2.2.13, prior to 3.0.14, and prior to 3.1.12, which stems from Rack::Static not properly cleaning up user-supplied paths, which could lead to file exposure...

7.5CVSS7AI score0.01354EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linuxadded 2025/03/07 12:0 a.m.5 views

ruby3.4-rubygem-rack-2.2-2.2.12-1.1 on GA media (moderate)

ruby3.4-rubygem-rack-2.2-2.2.12-1.1 on GA media Announcement ID: openSUSE-SU-2025:14859-1 Rating: moderate Cross-References: CVE-2025-27111 CVSS scores: CVE-2025-27111 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2025-27111 SUSE : 6.9...

6.9CVSS6.6AI score0.00668EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/03/06 7:56 p.m.4 views

Malicious code in poc-by-shahwar (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6381347b8b3c6e2f8f2d7aa1b39647e7f7444e10122cd821b80ae6b3d05c5a7e The OpenSSF Package Analysis project identified 'poc-by-shahwar' @ 0.1.0 rubygems as malicious. It is considered malicious because: - The packag...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/03/06 7:41 p.m.4 views

Malicious code in poc-genrateed-by-noob (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2adff977f2503f0afe5fb20e3154fa4f8c9a3d0fa5dc7a96613fb5b9434673b4 The OpenSSF Package Analysis project identified 'poc-genrateed-by-noob' @ 0.1.0 rubygems as malicious. It is considered malicious because: - The...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/03/06 7:8 p.m.4 views

Malicious code in evil_gem (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e1cbacc9bc6d36bcde7b6cb93df89df1fae5c8f70a841dc916a8ba6cdad2ff95 The OpenSSF Package Analysis project identified 'evilgem' @ 0.1.0 rubygems as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2025/03/06 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2024-49761

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between & and x...; in a hex...

8.7CVSS7.3AI score0.01645EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2025/03/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2010-3299

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks. CVE-2010-3299 Note that Nessus relies on the presence of the packag...

6.5CVSS6.5AI score0.0027EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2025/03/06 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-17916

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in the 'findby' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name'...

8.1CVSS8.5AI score0.00582EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2025/03/06 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2024-47888

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there is a...

8.7CVSS6.1AI score0.00476EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/03/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2011-3187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The tos method in actionpack/lib/actiondispatch/middleware/remoteip.rb in Ruby on Rails 3.0.5 does not validate the X-Forwarded-For header in requests from IP...

4.3CVSS5.8AI score0.08484EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2025/03/06 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2024-47889

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1, there i...

8.7CVSS6.1AI score0.00317EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/03/06 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2017-17919

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in the 'order' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id desc'...

8.1CVSS8.5AI score0.00582EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2025/03/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2025-0306

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted...

7.4CVSS7.1AI score0.00593EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/03/06 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2025-27219

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service DoS vulnerability. The method does...

7.5CVSS6.6AI score0.00315EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2025/03/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2017-17917

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in the 'where' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'id'...

8.1CVSS8.5AI score0.01309EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2025/03/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-3704

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as problematic has been found in Ruby on Rails. This affects an unknown part of the file...

5.4CVSS4.2AI score0.00287EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2025/03/06 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2024-47887

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1,...

8.7CVSS6.1AI score0.00273EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/03/06 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-41128

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Action Pack is a framework for handling and responding to web requests. Starting in version 3.1.0 and prior to versions 6.1.7.9, 7.0.8.5, 7.1.4.1, and 7.2.1.1,...

8.7CVSS6AI score0.00557EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/03/06 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-17920

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in the 'reorder' method in Ruby on Rails 5.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the 'name'...

8.1CVSS8.5AI score0.00484EPSS
Exploits1References2
Rows per page
Query Builder