14168 matches found

OSV
added 2024/09/18 12:0 a.m. | 22 views

ALSA-2024:6784 Moderate: ruby:3.3 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: DoS vulnerability in REXML (CVE-2024-39908); rexml: rubygem-rexml: DoS when parsing an XML having many specific characters suc...

7.5 CVSS | 6.7 AI score | 0.08335 EPSS
Exploits 0 | References 10

OSV
added 2024/09/18 12:0 a.m. | 18 views

ALSA-2024:6785 Moderate: ruby:3.3 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: rexml: DoS vulnerability in REXML (CVE-2024-39908); rexml: rubygem-rexml: DoS when parsing an XML having many specific characters suc...

7.5 CVSS | 6.7 AI score | 0.08335 EPSS
Exploits 0 | References 10

IBM Security Bulletins
added 2024/09/17 8:56 a.m. | 24 views

Security Bulletin: A vulnerability in XML toolkit for Ruby affects IBM License Metric Tool.

Summary: There is a vulnerability in the XML toolkit for Ruby component used by IBM License Metric Tool. Vulnerability Details: CVEID: CVE-2024-43398. DESCRIPTION: Ruby REXML is vulnerable to a denial of service, caused by improper input validation. By using a specially crafted XML content, a remote...

7.5 CVSS | 6.2 AI score | 0.08335 EPSS
Exploits 0 | Affected Software 1

OSV
added 2024/09/16 7:18 p.m. | 24 views

RHSA-2024:3838 Red Hat Security Advisory: ruby security update

Bulletin has no description...

8.8 CVSS | 7.2 AI score | 0.08616 EPSS
Exploits 1 | References 32

OSV
added 2024/09/16 7:18 p.m. | 20 views

RHSA-2024:3671 Red Hat Security Advisory: ruby:3.3 security, bug fix, and enhancement update

Bulletin has no description...

6.6 CVSS | 7.2 AI score | 0.08616 EPSS
Exploits 0 | References 18

OSV
added 2024/09/16 7:18 p.m. | 17 views

RHSA-2024:3670 Red Hat Security Advisory: ruby:3.3 security, bug fix, and enhancement update

Bulletin has no description...

6.6 CVSS | 7.2 AI score | 0.08616 EPSS
Exploits 0 | References 18

OSV
added 2024/09/16 7:18 p.m. | 15 views

RHSA-2024:3668 Red Hat Security Advisory: ruby:3.1 security, bug fix, and enhancement update

Bulletin has no description...

6.6 CVSS | 7.2 AI score | 0.08616 EPSS
Exploits 0 | References 18

OSV
added 2024/09/16 7:18 p.m. | 22 views

RHSA-2024:3546 Red Hat Security Advisory: ruby:3.1 security, bug fix, and enhancement update

Bulletin has no description...

6.6 CVSS | 7.2 AI score | 0.08616 EPSS
Exploits 0 | References 19

OSV
added 2024/09/16 7:17 p.m. | 16 views

RHSA-2024:3500 Red Hat Security Advisory: ruby:3.0 security update

Bulletin has no description...

8.8 CVSS | 7.2 AI score | 0.08616 EPSS
Exploits 1 | References 32

RedHat Linux
added 2024/09/16 6:8 p.m. | 3 views

rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, >] and ]>

A vulnerability was found in REXML, an XML toolkit used for Ruby. When parsing an untrusted XML with many specific characters, the REXML gem may take a long time, leading to a denial of service condition. Some of these special characters include the whitespace character, '>]', and ']>'...

7.5 CVSS | 7.3 AI score | 0.00232 EPSS
Exploits 0 | References 8

RedHat Linux
added 2024/09/16 6:8 p.m. | 6 views

rexml: DoS vulnerability in REXML

A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service (DoS) when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser APIs like REXML::Document.new; other parser APIs such as stream parser API and SAX2...

5.9 CVSS | 5.7 AI score | 0.01135 EPSS
Exploits 0 | References 6

RedHat Linux
added 2024/09/16 6:8 p.m. | 5 views

rexml: DoS vulnerability in REXML

A vulnerability was found in REXML RubyGems. This package is vulnerable to denial of service (DoS) when parsing a deep XML structure with the same local name attribute. This vulnerability only affects tree parser APIs like REXML::Document.new; other parser APIs such as stream parser API and SAX2...

5.9 CVSS | 5.7 AI score | 0.01135 EPSS
Exploits 0 | References 6

RedHat Linux
added 2024/09/16 6:8 p.m. | 5 views

rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, >] and ]>

A vulnerability was found in REXML, an XML toolkit used for Ruby. When parsing an untrusted XML with many specific characters, the REXML gem may take a long time, leading to a denial of service condition. Some of these special characters include the whitespace character, '>]', and ']>'...

7.5 CVSS | 7.3 AI score | 0.00232 EPSS
Exploits 0 | References 8

RedHat Linux
added 2024/09/16 1:51 a.m. | 4 views

rexml: rubygem-rexml: DoS when parsing an XML having many specific characters such as whitespace character, >] and ]>

A vulnerability was found in REXML, an XML toolkit used for Ruby. When parsing an untrusted XML with many specific characters, the REXML gem may take a long time, leading to a denial of service condition. Some of these special characters include the whitespace character, '>]', and ']>'...

7.5 CVSS | 7.3 AI score | 0.00232 EPSS
Exploits 0 | References 8

Positive Technologies
added 2024/09/16 12:0 a.m. | 5 views

PT-2025-8696

Name of the Vulnerable Software and Affected Versions: URI gem versions prior to 0.11.3; URI gem versions 0.12.0 through 0.12.3; URI gem versions 0.13.0 through 0.13.1; URI gem versions 1.0.0 through 1.0.2. Description: The URI handling methods URI.join, URI#merge, URI#+ in the URI gem for Ruby have an...

9.8 CVSS | 7.9 AI score | 0.08616 EPSS
Exploits 2 | References 180

CNNVD
added 2024/09/16 12:0 a.m. | 5 views

Decidim cross-site scripting vulnerability

Decidim is an open source participatory democracy framework from Decidim, written in Ruby on Rails. A cross-site scripting vulnerability exists in Decidim version 0.27.6 and earlier versions, which stems from a possible cross-site scripting attack on QuillJS, the WYSIWYG editor used...

5.4 CVSS | 5.8 AI score | 0.00631 EPSS
Exploits 0 | References 3

OSV
added 2024/09/15 8:44 p.m. | 23 views

RHSA-2013:0698 Red Hat Security Advisory: rubygem-actionpack and ruby193-rubygem-actionpack security update

Bulletin has no description...

4.3 CVSS | 7.4 AI score | 0.00625 EPSS
Exploits 1 | References 11

OSV
added 2024/09/15 8:40 p.m. | 23 views

RHSA-2013:0701 Red Hat Security Advisory: ruby193-ruby, rubygem-json and rubygem-rdoc security update

Bulletin has no description...

5.4 CVSS | 6.7 AI score | 0.17317 EPSS
Exploits 0 | References 13

OSV
added 2024/09/15 8:39 p.m. | 17 views

RHSA-2013:0612 Red Hat Security Advisory: ruby security update

Bulletin has no description...

5 CVSS | 6 AI score | 0.25732 EPSS
Exploits 1 | References 13

OSV
added 2024/09/15 8:39 p.m. | 16 views

RHSA-2013:0611 Red Hat Security Advisory: ruby security update

Bulletin has no description...

5 CVSS | 6.2 AI score | 0.25732 EPSS
Exploits 0 | References 8