ruby:2.5 security update

An update is available for rubygem-bson, module.rubygem-bundler, rubygem-bundler, rubygem-abrt, module.rubygem-mongo, module.rubygem-pg, rubygem-mysql2, module.rubygem-mysql2, ruby, module.rubygem-abrt, module.rubygem-bson, rubygem-pg, module.ruby, rubygem-mongo. This update affects Rocky Linux 8...

MiracleLinux 7 : rh-ruby27-ruby-2.7.6-131.el7 (AXSA:2022-3889:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3889:01 advisory. ruby: buffer overflow in CGI.escapehtml CVE-2021-41816 ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-418...

MiracleLinux 7 : rh-ruby30-ruby-3.0.4-149.el7 (AXSA:2022-3890:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3890:01 advisory. ruby: buffer overflow in CGI.escapehtml CVE-2021-41816 ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-418...

MiracleLinux 8 : ruby:2.6 (AXSA:2022-3745:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3745:01 advisory. Ruby: Buffer overrun in String-to-Float conversion CVE-2022-28739 Tenable has extracted the preceding description block directly from the MiracleLinux securi...

TencentOS Server 3: ruby:2.5 (TSSA-2023:0312)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0312 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVE-2024-28739

An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a crafted script to the format parameter...

CVE-2023-28739

Incorrect default permissions in some IntelR Chipset Driver Software before version 10.1.19444.8378 may allow an authenticated user to potentially enable escalation of privilege via local access...

Alibaba Cloud Linux 3 : 0080: ruby:2.7 (ALINUX3-SA-2023:0080)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0080 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-33621: The cgi gem before 0.1.0.2...

Debian dla-3450 : libruby2.5 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3450 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-3450-1 [email protected]...

Debian: Security Advisory (DLA-3858-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3858-1] ruby2.7 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3858-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler September 02, 2024 https://wiki.debian.org/LTS -...

Debian dla-3858 : libruby2.7 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3858 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3858-1 [email protected]...

CVE-2024-28739

creationtimestamp| type| source ---|---|--- 2024-08-06 21:43:04+00:00| seen| https://t.me/cvedetector/2629...

CVE-2024-28739

An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a crafted script to the format parameter...

CVE-2024-28739

An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a crafted script to the format parameter...

RHEL 8 : ruby (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - onigmo: out-of-bounds read in nextstateval in regparse.c CVE-2019-16162 - Onigmo through 6.2.0 has a NULL...

RHEL 7 : ruby (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ruby: Fiddle::Function.new heap buffer overflow CVE-2016-2339 - Type confusion exists in canceleval Ruby'...

Intel® Chipset Driver Software Advisory

Summary: Potential security vulnerabilities in some Intel® Chipset Driver Software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-28739 Description: Incorrect default permissions in some...

CVE-2023-28739

creationtimestamp| type| source ---|---|--- 2024-03-06 11:41:15+00:00| seen| https://t.me/ctinow/201222...

CentOS 9 : ruby-3.0.4-160.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ruby-3.0.4-160.el9 build changelog. - A double free was found in the Regexp compiler in Ruby 3.x before 3.0.4 and 3.1.x before 3.1.2. If a victim attempts to create a Regexp fr...