Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

BDU FSTEC
BDU FSTECadded 2025/02/12 12:0 a.m.4 views

The vulnerability of the ActionDispatch component in the Ruby on Rails software framework, which allows a hacker to trigger a service failure.

The vulnerability of the ActionDispatch component in the Ruby on Rails software framework is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

7.8CVSS6.2AI score0.01695EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTECadded 2025/02/12 12:0 a.m.5 views

The vulnerability of the ActionDispatch component in the Ruby on Rails software framework, which allows a hacker to trigger a service failure.

The vulnerability of the ActionDispatch component in the Ruby on Rails software framework is related to insufficient validation of data entered by users. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

7.8CVSS6.3AI score0.02278EPSS
Exploits0References5Affected Software3
RubySec
RubySecadded 2020/06/17 12:0 a.m.34 views

Untrusted users able to run pending migrations in production

There is a vulnerability in versions of Rails prior to 6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production. This vulnerability has been assigned the CVE identifier CVE-2020-8185. Versions Affected: 6.0.0 = 6.0.3.2 Impact ------ Using this issu...

6.5CVSS4.3AI score0.02181EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Stormadded 2013/08/09 12:0 a.m.35 views

Squash YAML Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'zlib' class Metasploit3 'Squash YAML Code...

7.5CVSS0.1AI score0.46182EPSS
Exploits5
Exploit DB
Exploit DBadded 2013/01/29 12:0 a.m.73 views

Ruby on Rails - JSON Processor YAML Deserialization Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Ruby on Rails JSON Processor YAML...

7.7AI score
Exploits0
0day.today
0day.todayadded 2013/01/29 12:0 a.m.42 views

Ruby on Rails JSON Processor YAML Deserialization Code Execution

Exploit for multiple platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core...

7.1AI score0.99449EPSS
Exploits22
Rows per page
Query Builder