Lucene search
K

105 matches found

prion
prion
added 2018/03/14 5:29 p.m.34 views

Information disclosure

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way...

2.1CVSS4.4AI score0.02866EPSS
Exploits17References3Affected Software5
prion
prion
added 2018/03/14 5:29 p.m.26 views

Information disclosure

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way...

1.9CVSS4.3AI score0.02866EPSS
Exploits17References4Affected Software5
cve
cve
added 2018/03/14 5:0 p.m.131 views

CVE-2018-0898

Technical details about CVE-2018-0898 are not publicly available in the provided connected documents. Monitor for updates; no explicit affected products, root cause, impact, or remediation are detailed here.

4.7CVSS4.7AI score0.02201EPSS
Exploits1References3Affected Software8
nessus
nessus
added 2018/03/01 12:0 a.m.77 views

RHEL 7 : ruby (RHSA-2018:0378)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0378 advisory. - ruby: Buffer underrun vulnerability in Kernel.sprintf CVE-2017-0898 - rubygems: Escape sequence in the summary field of gemspec...

9.8CVSS7.7AI score0.73927EPSS
Exploits14References24
nessus
nessus
added 2018/03/01 12:0 a.m.38 views

Oracle Linux 7 : ruby (ELSA-2018-0378)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-0378 advisory. - Add Psych.safeload ruby-2.1.0-there-should-be-only-one-exception.patch ruby-2.1.0-Adding-Psych.safeload.patch Related: CVE-2017-0903 - Disable Tokyo ...

9.8CVSS7.8AI score0.73927EPSS
Exploits14References12
oraclelinux
oraclelinux
added 2018/02/28 12:0 a.m.59 views

ruby security update

2.0.0.648-33 - Fix always passing WEBrick test. 2.0.0.648-32 - Add Psych.safeload ruby-2.1.0-there-should-be-only-one-exception.patch ruby-2.1.0-Adding-Psych.safeload.patch Related: CVE-2017-0903 - Disable Tokyo TZ tests broken by recen tzdata update. ruby-2.5.0-Disable-Tokyo-TZ-tests.patch...

9.8CVSS9.8AI score0.73927EPSS
Exploits14
openvas
openvas
added 2018/02/06 12:0 a.m.34 views

Debian: Security Advisory (DLA-1113-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.9AI score0.16412EPSS
Exploits1References3
nessus
nessus
added 2018/01/15 12:0 a.m.46 views

Fedora 27 : ruby (2017-4166994614)

Update to the Ruby 2.4.2. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

9.3CVSS7.2AI score0.16412EPSS
Exploits1References4
openvas
openvas
added 2017/12/29 12:0 a.m.28 views

Fedora Update for ruby FEDORA-2017-6e6f4f95e6

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.9AI score0.16412EPSS
Exploits1References2
nessus
nessus
added 2017/11/13 12:0 a.m.41 views

Debian DSA-4031-1 : ruby2.3 - security update

Several vulnerabilities have been discovered in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2017-0898 aerodudrizzt reported a buffer underrun vulnerability in the sprintf method of the Kernel module resulting in...

9.8CVSS7.6AI score0.16412EPSS
Exploits2References14
debian
debian
added 2017/11/11 2:46 p.m.42 views

[SECURITY] [DSA 4031-1] ruby2.3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4031-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 11, 2017 https://www.debian.org/security/faq -...

9.3CVSS1.8AI score0.16412EPSS
Exploits2
openvas
openvas
added 2017/11/10 12:0 a.m.45 views

Debian: Security Advisory (DSA-4031-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9AI score0.16412EPSS
Exploits2References3
mageia
mageia
added 2017/10/18 8:19 p.m.42 views

Updated ruby packages fix security vulnerabilities

If a malicious format string which contains a precious specifier is passed and a huge minus value is also passed to the specifier, buffer underrun may be caused. In such situation, the result may contains heap, or the Ruby interpreter may crash CVE-2017-0898. If a malicious string is passed to th...

9.8CVSS0.5AI score0.16412EPSS
Exploits2References8
nessus
nessus
added 2017/10/18 12:0 a.m.35 views

GLSA-201710-18 : Ruby: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201710-18 Ruby: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Ruby. Please review the referenced CVE identifiers for details. Impact : A remote attacker could execute arbitrary code, cause a Denial of...

9.8CVSS7.6AI score0.16412EPSS
Exploits4References6
debian
debian
added 2017/09/26 9:16 p.m.59 views

[SECURITY] [DLA 1114-1] ruby1.9.1 security update

Package : ruby1.9.1 Version : 1.9.3.194-8.1+deb7u6 CVE ID : CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 Debian Bug : 873802 873906 875928 875931 875936 Multiple vulnerabilities were discovered in the Ruby 1.9 interpretor. CVE-2017-0898 Buff...

9.8CVSS9.4AI score0.29442EPSS
Exploits6
nessus
nessus
added 2017/09/20 12:0 a.m.45 views

FreeBSD : ruby -- multiple vulnerabilities (95b01379-9d52-11e7-a25c-471bafc3262f)

Ruby blog : CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf If a malicious format string which contains a precious specifier is passed and a huge minus value is also passed to the specifier, buffer underrun may be caused. In such situation, the result may contains heap, or the Ruby...

9.8CVSS7.1AI score0.16412EPSS
Exploits2References10
nessus
nessus
added 2017/09/19 12:0 a.m.54 views

Slackware 14.2 / current : ruby (SSA:2017-261-03)

New ruby packages are available for Slackware 14.2 and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2017-261-03. The text itself is copyright C Slackware...

9.8CVSS6.8AI score0.29442EPSS
Exploits7References9
circl
circl
added 2017/09/17 4:13 p.m.5 views

CVE-2017-0898

creationtimestamp| type| source ---|---|--- 2017-09-17 16:13:56+00:00| published-proof-of-concept| https://t.me/evilmartians/220...

9.1CVSS7.1AI score0.09718EPSS
Exploits1References1
cve
cve
added 2017/09/15 7:0 p.m.186 views

CVE-2017-0898

CVE-2017-0898 affects Ruby older branches (before 2.4.2, 2.3.5, and 2.2.8) and is caused by a buffer underrun in Kernel.sprintf, leading to heap memory corruption and potential information disclosure from the heap or application instability. The issue is not restricted to a single product; it app...

9.1CVSS7.4AI score0.09718EPSS
Exploits1References13Affected Software1
freebsd
freebsd
added 2017/09/14 12:0 a.m.40 views

ruby -- multiple vulnerabilities

Ruby blog: CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf If a malicious format string which contains a precious specifier is passed and a huge minus value is also passed to the specifier, buffer underrun may be caused. In such situation, the result may contains heap, or the Ruby...

9.8CVSS9.4AI score0.16412EPSS
Exploits2References5
Rows per page
Query Builder