Lucene search
K

59 matches found

Circl
Circl
added 2026/04/06 9:21 p.m.5 views

CVE-2026-35176

creationtimestamp| type| source ---|---|--- 2026-04-06 21:21:11+00:00| published-proof-of-concept| Telegram/2EnXoILGVbego74Wp-yQgBLadCUgQoVCHSSN8NjOPP4QJIY...

7.1CVSS4.8AI score0.00159EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : pcs-0.10.18-2.el8_10.1.ML.1 (AXSA:2024-8703:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8703:04 advisory. REXML: DoS parsing an XML with many s in an attribute value CVE-2024-35176 Tenable has extracted the preceding description block directly from the MiracleLin...

5.3CVSS8.5AI score0.02064EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/10/28 12:0 a.m.5 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Ruby vulnerabilities (USN-7840-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7840-1 advisory. It was discovered that the REXML module bunded into Ruby incorrectly handled parsing XML documents with repeated instances of...

7.5CVSS6.8AI score0.02064EPSS
Exploits1References7
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-35176 Malicious code in test-mlw2-daisy-pleat (npm)

The package test-mlw2-daisy-pleat was found to contain malicious code...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.4 views

TencentOS Server 3: pcs (TSSA-2024:0401)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0401 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

5.3CVSS7.1AI score0.02064EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2025/05/07 7:11 p.m.8 views

pcs security update

An update is available for pcs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The pcs packages provide a command-line configuration system for the Pacemaker an...

5.3CVSS5.6AI score0.02064EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.5 views

RockyLinux 8 : pcs (RLSA-2024:5338)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:5338 advisory. REXML: DoS parsing an XML with many s in an attribute value CVE-2024-35176 Tenable has extracted the preceding description block directly from the RockyLinux...

5.3CVSS7.2AI score0.02064EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2025/04/17 12:0 a.m.17 views

Security update for rubygem-rexml (moderate)

openSUSE Security Update: Security update for rubygem-rexml Announcement ID: openSUSE-SU-2025:0129-1 Rating: moderate References: 1224390 1228072 1228794 1228799 1229673 1232440 Cross-References: CVE-2024-35176 CVE-2024-39908 CVE-2024-41123 CVE-2024-41946 CVE-2024-43398 CVE-2024-49761 CVSS scores...

8.7CVSS7.5AI score0.02064EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2025/04/08 12:0 a.m.14 views

Ubuntu: Security Advisory (USN-7418-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.02064EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-35176

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an attribute value...

5.3CVSS6.7AI score0.02064EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.26 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Ruby REXML denial of service vulnerability [ CVE-2024-35176]

Summary Potential Ruby REXML denial of service vulnerability CVE-2024-35176 have been identified that could affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-35176...

5.3CVSS5.8AI score0.02064EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2025/01/06 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2025-0001)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7CVSS7.4AI score0.02064EPSS
Exploits1References11
OSV
OSV
added 2025/01/04 9:9 p.m.12 views

MGASA-2025-0001 Updated ruby packages fix security vulnerabilities

The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many . CVE-2024-39908 The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses an XML that has many specific characters such as whitespace character, and . CVE-2024-41123 The REXML gem...

8.7CVSS6.6AI score0.02064EPSS
Exploits1References10
Circl
Circl
added 2024/12/19 7:5 p.m.1 views

CVE-2024-35176

creationtimestamp| type| source ---|---|--- 2024-12-19 19:05:28+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/9513 2024-12-19 23:38:33+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/9514 2025-09-15 13:28:31+00:00| seen| MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f...

5.3CVSS6.3AI score0.02064EPSS
Exploits1References2
OSV
OSV
added 2024/11/21 3:39 a.m.3 views

USN-7091-2 ruby2.7 vulnerabilities

USN-7091-1 fixed several vulnerabilities in Ruby. This update provides the corresponding update for CVE-2024-35176, CVE-2024-41123, CVE-2024-41946 and CVE-2024-49761 for ruby2.7 in Ubuntu 20.04 LTS. Original advisory details: It was discovered that Ruby incorrectly handled parsing of an XML...

8.7CVSS6.6AI score0.02064EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2024/11/11 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2895)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6AI score0.02064EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/11/11 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2024-2914)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6AI score0.02064EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/11/08 12:0 a.m.19 views

EulerOS 2.0 SP9 : ruby (EulerOS-SA-2024-2838)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : REXML is an XML toolkit for Ruby. The REXML gem before 3.2.6 has a denial of service vulnerability when it parses an XML that has many s in an...

5.3CVSS7.1AI score0.02064EPSS
Exploits1References2
OSV
OSV
added 2024/11/05 3:39 a.m.5 views

USN-7091-1 ruby3.0, ruby3.2, ruby3.3 vulnerabilities

It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. This issue only affected in Ubuntu 22.04 LTS and Ubuntu 24....

8.7CVSS6.6AI score0.02064EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2024/11/05 12:0 a.m.14 views

Ubuntu 22.04 LTS / 24.04 LTS / 24.10 : Ruby vulnerabilities (USN-7091-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7091-1 advisory. It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value usi...

8.7CVSS7.1AI score0.02064EPSS
Exploits1References6
Rows per page
Query Builder