386 matches found
RHCOS 6 : ruby193-rubygem-activerecord (RHSA-2013:0699)
The remote Red Hat Enterprise Linux CoreOS 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0699 advisory. - rubygem-activerecord: attribute_dos Symbol DoS vulnerability (CVE-2013-1854) Note that Nessus has not tested for this issue but has instead...
OPENSUSE-SU-2026:10343-1 ruby4.0-rubygem-activerecord-8.0-8.0.3-1.3 on GA media
These are all security issues fixed in the ruby4.0-rubygem-activerecord-8.0-8.0.3-1.3 package on the GA media of openSUSE Tumbleweed...
GHSA-5QW5-WF2Q-F538 ActiveRecord-JDBC-Adapter (AR-JDBC) lib/arjdbc/jdbc/adapter.rb sql.gsub() Function SQL Injection
ActiveRecord-JDBC-Adapter (AR-JDBC) contains a flaw that may allow carrying out an SQL injection attack. The issue is due to the sql.gsub() function in lib/arjdbc/jdbc/adapter.rb not properly sanitizing user-supplied input before using it in SQL queries. This may allow a remote attacker to inject or...
CVE-2022-35956
This Rails gem adds two methods to the ActiveRecord::Base class that allow you to update many records on a single database hit, using a case sql statement for it. Before version 0.1.3 update_by_case gem used custom sql strings, and it was not sanitized, making it vulnerable to sql injection. Upgrad...
EUVD-2017-0243
Malware in sbrugna...
EUVD-2017-0247
Malware in sbrugna...
EUVD-2017-0230
Malware in sbrugna...
EUVD-2022-6465
Malicious code in bioql PyPI...
EUVD-2023-0336
Malicious code in bioql PyPI...
Security Bulletin: Multiple vulnerabilities in IBM Aspera Console
Summary Multiple vulnerabilities were addressed in IBM Aspera Console version 3.4.7. Vulnerability Details CVEID:CVE-2022-44566 DESCRIPTION: A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter 7.0.4.1 and 6.1.7.1. When a value outside the range for a 64bit signed intege...
Linux Distros Unpatched Vulnerability : CVE-2023-22794
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in ActiveRecord 6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the annotate...
ruby3.4-rubygem-activerecord-8.0-8.0.1-2.1 on GA media (moderate)
ruby3.4-rubygem-activerecord-8.0-8.0.1-2.1 on GA media Announcement ID: openSUSE-SU-2025:15480-1 Rating: moderate Cross-References: CVE-2025-55193 CVSS scores: CVE-2025-55193 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVE-2025-55193 SUSE : 5.3...
OPENSUSE-SU-2025:15479-1 ruby3.4-rubygem-activerecord-8.0-8.0.1-2.1 on GA media
These are all security issues fixed in the ruby3.4-rubygem-activerecord-8.0-8.0.1-2.1 package on the GA media of openSUSE Tumbleweed...
GHSA-76R7-HHXJ-R776 vulnerabilities
Vulnerabilities for packages: ruby3.4-activerecord, ruby3.2-activerecord, ruby3.3-activerecord...
CVE-2025-55193 vulnerabilities
Vulnerabilities for packages: ruby3.4-activerecord, ruby3.2-activerecord, ruby3.3-activerecord...
GHSA-76R7-HHXJ-R776 vulnerabilities
Vulnerabilities for packages: ruby3.3-activerecord, ruby3.4-activerecord, ruby3.2-activerecord...
CVE-2025-55193 vulnerabilities
Vulnerabilities for packages: ruby3.3-activerecord, ruby3.4-activerecord, ruby3.2-activerecord...
Malicious code in activerecord-rescue_from_duplicate (npm)
The package activerecord-rescue_from_duplicate was found to contain malicious code...
Malicious code in activerecord-pedantmysql2-adapter (npm)
The package activerecord-pedantmysql2-adapter was found to contain malicious code...
MAL-2025-14053 Malicious code in activerecord-rescue_from_duplicate (npm)
The package activerecord-rescue_from_duplicate was found to contain malicious code...