Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
๐Ÿ”ฅ Daily Hot!
๐Ÿ’ช๐Ÿฝ CPE Enhanced Advisories
๐Ÿ•ถ Shadow Exploits
๐Ÿ•ต๐Ÿผ Vulners CPE
๐Ÿ” Security news
๐Ÿ’ป Exploit updates
๐Ÿ“‘ Blogs review
๐Ÿง Linux vulnerabilities
๐Ÿž Bugbounty
๐Ÿค– AI High Score
๐Ÿ“ฐ CVE Feed
show all

3 matches found

OSV
OSVโ€ขadded 2017/07/25 5:52 p.m.โ€ข1 views

USN-3365-1 ruby1.9.1, ruby2.0, ruby2.3 vulnerabilities

It was discovered that Ruby DL::dlopen incorrectly handled opening libraries. An attacker could possibly use this issue to open libraries with tainted names. This issue only applied to Ubuntu 14.04 LTS. CVE-2009-5147 Tony Arcieri, Jeffrey Walton, and Steffan Ullrich discovered that the Ruby OpenS...

9.8CVSS6.9AI score0.56223EPSS
Exploits6References8
Positive Technologies
Positive Technologiesโ€ขadded 2017/01/06 12:0 a.m.โ€ข3 views

PT-2017-2446 ยท Rubyย +1 ยท Rubyย +1

Name of the Vulnerable Software and Affected Versions: Ruby affected versions not specified Description: The issue is related to a type confusion in the cancel eval method of Ruby's TclTkIp class. This occurs when an attacker passes a different type of object than a String as the retval argument,...

9.8CVSS8.1AI score0.56223EPSS
Exploits6References45
RubySec
RubySecโ€ขadded 2017/01/06 12:0 a.m.โ€ข2 views

Type confusion exists in _cancel_eval Ruby's TclTkIp class

Type confusion exists in canceleval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argument can cause arbitrary code execution...

9.8CVSS7.5AI score0.00805EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder