
54 matches found

Tenable Nessus
added 2026/01/20 12:0 a.m., 6 views

MiracleLinux 7 : rh-ruby27-ruby-2.7.6-131.el7 (AXSA:2022-3889:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3889:01 advisory. ruby: buffer overflow in CGI.escape_html CVE-2021-41816 ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-418...

CVSS 9.8 | AI score 8.2 | EPSS 0.04766
Exploits: 3 | References: 5

Tenable Nessus
added 2026/01/20 12:0 a.m., 6 views

MiracleLinux 7 : rh-ruby30-ruby-3.0.4-149.el7 (AXSA:2022-3890:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3890:01 advisory. ruby: buffer overflow in CGI.escape_html CVE-2021-41816 ruby: Regular expression denial of service vulnerability of Date parsing methods CVE-2021-418...

CVSS 9.8 | AI score 7.7 | EPSS 0.04766
Exploits: 3 | References: 6

EUVD
added 2025/11/10 5:27 a.m., 2 views

EUVD-2025-41817

Malicious code in sinta-telurtahu70-ruro npm...

AI score 6.6
Exploits: 0

Tenable Nessus
added 2025/05/14 12:0 a.m., 13 views

Alibaba Cloud Linux 3 : 0080: ruby:2.7 (ALINUX3-SA-2023:0080)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0080 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-33621: The cgi gem before 0.1.0.2...

CVSS 8.8 | AI score 8.3 | EPSS 0.04127
Exploits: 3 | References: 7

Circl
added 2025/03/19 10:0 p.m., 16 views

CVE-2024-41817

creationtimestamp | type | source
---|---|---
2025-03-19 22:00:06+00:00 | published-proof-of-concept | Telegram/wSGzmOjLrmEcQmMBXaHVXNxUHoaomU1r4hfeqWwSlXhrWUk
2025-06-21 21:00:05+00:00 | published-proof-of-concept | Telegram/wPxuKkvaeObl7wP7fVpj1j1W8mLNT5U7Q8iJzLFoolh0zg
2025-09-12 07:24:53+00:00 | see...

CVSS 7.8 | AI score 6.9 | EPSS 0.00926
Exploits: 2 | References: 2

Tenable Nessus
added 2025/03/05 12:0 a.m., 9 views

Linux Distros Unpatched Vulnerability : CVE-2021-41817

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0....

CVSS 7.5 | AI score 7 | EPSS 0.03222
Exploits: 1 | References: 2

OSV
added 2024/12/27 12:32 p.m., 3 views

OESA-2024-2581 ruby security update

Ruby is a fast and easy interpreted scripting language for object-oriented programming. It has many functions for processing text files and performing system management tasks, as in Perl. Security Fixes: CVE-2021-41817...

CVSS 7.5 | AI score 6.8 | EPSS 0.03222
Exploits: 1 | References: 2

Vulnrichment
added 2024/07/29 3:53 p.m., 58 views

CVE-2024-41817 Arbitrary Code Execution in `AppImage` version `ImageMagick`

ImageMagick is a free and open-source software suite, used for editing and manipulating digital images. The AppImage version ImageMagick might use an empty path when setting MAGICK_CONFIGURE_PATH and LD_LIBRARY_PATH environment variables while executing, which might lead to arbitrary code execution b...

CVSS 7 | AI score 7.9 | EPSS 0.00926
Exploits: 2 | References: 3

AlpineLinux
added 2024/07/29 3:53 p.m., 34 views

CVE-2024-41817

ImageMagick is a free and open-source software suite, used for editing and manipulating digital images. The AppImage version ImageMagick might use an empty path when setting MAGICK_CONFIGURE_PATH and LD_LIBRARY_PATH environment variables while executing, which might lead to arbitrary code execution b...

CVSS 7.8 | AI score 7.7 | EPSS 0.00926
Exploits: 2 | References: 3

CVE
added 2024/05/03 2:3 p.m., 50 views

CVE-2023-41817

The CVE-2023-41817 case concerns the Motorola Phone Calls application, with an improper export vulnerability that could allow a local attacker to read unauthorized information. The vulnerability is described as a local-exploit, low-severity issue (CVSS v3.1: 2.8, LOW; AV:L/AC:L/PR:L/UI:R/S:U/C:L/...

CVSS 2.8 | AI score 6.4 | EPSS 0.00143
Exploits: 0 | References: 1

OpenVAS
added 2024/03/04 12:0 a.m., 27 views

openSUSE: Security Advisory for ruby2.5 (SUSE-SU-2023:4176-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 | AI score 7.9 | EPSS 0.03222
Exploits: 2 | References: 2

Amazon
added 2023/11/15 12:0 a.m., 4 views

Medium: ruby

Issue Overview: A flaw was found in ruby, where the date object was found to be vulnerable to a regular expression denial of service (ReDoS) during the parsing of dates. This flaw allows an attacker to hang a ruby application by providing a specially crafted date string. The highest threat to this...

CVSS 7.5 | AI score 6.8 | EPSS 0.03222
Exploits: 1

Tenable Nessus
added 2023/11/15 12:0 a.m., 25 views

Amazon Linux 2 : ruby (ALAS-2023-2345)

The version of ruby installed on the remote host is prior to 2.0.0.648-36. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2345 advisory. A flaw was found in ruby, where the date object was found to be vulnerable to a regular expression denial of service (ReDoS) during...

CVSS 7.5 | AI score 7 | EPSS 0.03222
Exploits: 1 | References: 4

Tenable Nessus
added 2023/10/25 12:0 a.m., 42 views

SUSE SLED15: libruby2_5-2_5 / ruby2.5 / ruby2.5-devel / ruby2.5-devel-extra / etc (SUSE-SU-2023:4176-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4176-1 advisory. - CVE-2023-28755: Fixed a ReDoS vulnerability in URI. (bsc#1209891) - CVE-2023-28756: Fixed an...

CVSS 8.8 | AI score 7.1 | EPSS 0.03222
Exploits: 2 | References: 13

OpenVAS
added 2023/10/25 12:0 a.m., 38 views

SUSE: Security Advisory (SUSE-SU-2023:4176-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 | AI score 7.3 | EPSS 0.03222
Exploits: 2 | References: 7

Amazon
added 2023/09/25 12:0 a.m., 4 views

Medium: ruby

Issue Overview: A flaw was found in ruby, where the date object was found to be vulnerable to a regular expression denial of service (ReDoS) during the parsing of dates. This flaw allows an attacker to hang a ruby application by providing a specially crafted date string. The highest threat to this...

CVSS 7.5 | AI score 6.8 | EPSS 0.03222
Exploits: 2

F5 Networks
added 2023/02/21 8:0 p.m., 41 views

K30272432: RubyGems vulnerability CVE-2021-41817

Security Advisory Description: Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service) via a long string. The fixed versions are 3.2.1, 3.1.2, 3.0.2, and 2.0.1. CVE-2021-41817. Impact: There is no impact; F5 products are not affected by this vulnerability...

CVSS 7.5 | AI score 7.3 | EPSS 0.03222
Exploits: 1

OpenVAS
added 2022/10/12 12:0 a.m., 30 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2022-2588)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 8.1 | EPSS 0.04127
Exploits: 2 | References: 2

RedHat Linux
added 2022/10/11 7:30 a.m., 40 views

Moderate: Red Hat Security Advisory: rh-ruby27-ruby security, bug fix, and enhancement update

An update for rh-ruby27-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabilit...

CVSS 9.8 | AI score 6.9 | EPSS 0.04766
Exploits: 3 | References: 6

Tenable Nessus
added 2022/10/11 12:0 a.m., 32 views

RHEL 7 : rh-ruby27-ruby (RHSA-2022:6856)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:6856 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

CVSS 9.8 | AI score 7.6 | EPSS 0.04766
Exploits: 3 | References: 12