CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

314 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•8 views

Astra Linux - уязвимость в rails

There is a potential escalation to an RCE vulnerability when using YAML serialized columns in Active Record versions 7.0.3.1, 6.1.6.1, 6.0.5.1, and 5.2.8.1. This could allow an attacker, who can manipulate data in the database through methods like SQL injection, to escalate the attack to an RCE...

9.8CVSS6.6AI score0.01944EPSS

Exploits1References1

Debian•added 2026/05/11 2:17 p.m.•7 views

[SECURITY] [DLA 4578-1] rails security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4578-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler May 11, 2026 https://wiki.debian.org/LTS -...

9.8CVSS6.5AI score0.01944EPSS

Exploits1

Tenable Nessus•added 2026/05/11 12:0 a.m.•3 views

Debian dla-4578 : rails - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4578 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4578-1 [email protected] https://www.debian.org/lts/security/...

9.8CVSS5.9AI score0.01944EPSS

Exploits1References4

Tenable Nessus•added 2026/05/04 12:0 a.m.•3 views

RHCOS 6 : Red Hat OpenShift Enterprise 1.1 update (Important) (RHSA-2013:0220)

The remote Red Hat Enterprise Linux CoreOS 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0220 advisory. - Origin: rhc-chk.rb password exposure in log files CVE-2012-5658 - Jenkins: HTTP response splitting CVE-2012-6072 - Jenkins: open...

7.5CVSS5.8AI score0.01017EPSS

Exploits2References52

EUVD•added 2026/01/16 7:20 p.m.•2 views

EUVD-2026-2921

ActiveRecord-JDBC-Adapter AR-JDBC lib/arjdbc/jdbc/adapter.rb sql.gsub Function SQL Injection...

7.5AI score

Exploits0References4

Github Security Blog•added 2026/01/16 7:20 p.m.•5 views

ActiveRecord-JDBC-Adapter (AR-JDBC) lib/arjdbc/jdbc/adapter.rb sql.gsub() Function SQL Injection

ActiveRecord-JDBC-Adapter AR-JDBC contains a flaw that may allow carrying out an SQL injection attack. The issue is due to the sql.gsub function in lib/arjdbc/jdbc/adapter.rb not properly sanitizing user-supplied input before using it in SQL queries. This may allow a remote attacker to inject or...

7.8AI score

Exploits0References5Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-0209

Malware in sbrugna...

7.5CVSS6.1AI score0.00331EPSS

Exploits0References10

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-0645

Malware in sbrugna...

5.3CVSS6.4AI score0.00136EPSS

Exploits0References10