10 matches found

securityvulns
added 2014/10/16 12:0 a.m., 66 views

[SECURITY] [DSA 2982-1] ruby-activerecord-3.2 security update

Debian Security Advisory DSA-2982-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 19, 2014 http://www.debian.org/security/faq -...

CVSS 7.5 | AI score 1 | EPSS 0.04278
Exploits: 0
Tenable Nessus
added 2014/08/23 12:0 a.m., 26 views

Fedora 20 : rubygem-activerecord-4.0.0-4.fc20 (2014-8065)

Fix for CVE-2014-3483 rubygem-activerecord: SQL injection vulnerability in 'range' quoting and its regression Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as...

CVSS 7.5 | AI score 5.6 | EPSS 0.04181
Exploits: 0 | References: 3
OpenVAS
added 2014/08/23 12:0 a.m., 28 views

Fedora Update for rubygem-activerecord FEDORA-2014-8065

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.5 | EPSS 0.04181
Exploits: 0 | References: 2
Mageia
added 2014/07/26 1:9 p.m., 55 views

Updated ruby-actionpack packages fix security issues

Updated ruby-actionpack and ruby-activerecord packages fix security vulnerabilities: Directory traversal vulnerability in actionpack/lib/abstractcontroller/base.rb in the implicit-render implementation in Ruby on Rails before 4.0.5, when certain route globbing configurations are enabled, allows...

CVSS 7.5 | AI score 7.1 | EPSS 0.53703
Exploits: 2 | References: 6
Debian
added 2014/07/19 10:9 a.m., 28 views

[SECURITY] [DSA 2982-1] ruby-activerecord-3.2 security update

Debian Security Advisory DSA-2982-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 19, 2014 http://www.debian.org/security/faq -...

CVSS 7.5 | AI score 6.8 | EPSS 0.04278
Exploits: 0
RedHat Linux
added 2014/07/14 4:25 p.m., 30 views

Moderate: Red Hat Security Advisory: ror40-rubygem-activerecord security update

Updated ror40-rubygem-activerecord packages that fix one security issue are now available for Red Hat Software Collections 1. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVSS 7.5 | AI score 5.8 | EPSS 0.04181
Exploits: 0 | References: 2
Debian CVE
added 2014/07/07 10:0 a.m., 29 views

CVE-2014-3483

SQL injection vulnerability in activerecord/lib/activerecord/connectionadapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting...

CVSS 7.5 | AI score 8.3 | EPSS 0.04181
Exploits: 0
CVE
added 2014/07/07 10:0 a.m., 106 views

CVE-2014-3483

CVE-2014-3483 is a SQL injection vulnerability in the PostgreSQL adapter for Active Record (Ruby on Rails). The flaw resides in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb, where improper range quoting allows remote attackers to execute arbitrary SQL commands. Affecte...

CVSS 7.5 | AI score 8.2 | EPSS 0.04181
Exploits: 0 | References: 7 | Affected Software: 1
Cvelist
added 2014/07/07 10:0 a.m., 32 views

CVE-2014-3483

SQL injection vulnerability in activerecord/lib/activerecord/connectionadapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting...

AI score 8.1 | EPSS 0.04181
Exploits: 0 | References: 7
RubySec
added 2014/07/02 12:0 a.m., 29 views

CVE-2014-3483 rubygem-activerecord: SQL injection vulnerability in 'range' quoting

SQL injection vulnerability in activerecord/lib/activerecord/connectionadapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting...

CVSS 7.5 | AI score 3.5 | EPSS 0.04181
Exploits: 0 | References: 1 | Affected Software: 1