84 matches found
rubygem-activesupport: Multiple vulnerabilities in parameter parsing in ActionPack
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a...
Ruby on Rails XML Processor YAML Deserialization Code Execution
This module exploits a remote code execution vulnerability in the XML request processor of the Ruby on Rails application framework. This vulnerability allows an attacker to instantiate a remote object, which in turn can be used to execute any Ruby code remotely in the context of the application...
[SECURITY] Fedora 13 Update: gnustep-base-1.18.0-9.fc13
The GNUstep Base Library is a powerful fast library of general-purpose, non-graphical Objective C classes, inspired by the superb OpenStep API but implementing Apple and GNU additions to the API as well. It includes for example classes for unicode strings, arrays, dictionaries, sets, byte streams...
RMI Remote Object Detection
One or more Java RMI remote objects are listening on the remote host. They may be used by Java applications to invoke methods on those objects remotely. #%NASL_MIN_LEVEL 70300 # (C) Tenable Network Security, Inc. include('deprecated_nasl_level.inc'); include("compat.inc"); if (description) { script_id(22363);...