20 matches found

Tenable Nessus
added 2025/03/04 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2016-2339

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable heap overflow vulnerability exists in the Fiddle::Function.new initialize function functionality of Ruby. In Fiddle::Function.new initialize heap...

CVSS: 9.8 | AI score: 8.4 | EPSS: 0.05187
Exploits: 2 | References: 2

Tenable Nessus
added 2024/05/11 12:0 a.m. | 30 views

RHEL 7 : ruby (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ruby: Fiddle::Function.new heap buffer overflow CVE-2016-2339 - Type confusion exists in canceleval Ruby'...

AI score: 8.9 | EPSS: 0.06204
Exploits: 11 | References: 13

OpenVAS
added 2022/01/28 12:0 a.m. | 26 views

Mageia: Security Advisory (MGASA-2017-0290)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.8 | AI score: 8 | EPSS: 0.06204
Exploits: 5 | References: 4

OpenVAS
added 2020/01/23 12:0 a.m. | 26 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2017-1050)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.8 | AI score: 8.9 | EPSS: 0.08934
Exploits: 4 | References: 2

OpenVAS
added 2020/01/23 12:0 a.m. | 33 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2017-1051)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.8 | AI score: 8.9 | EPSS: 0.08934
Exploits: 4 | References: 2

OpenVAS
added 2020/01/23 12:0 a.m. | 28 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2019-1617)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.8 | AI score: 8.6 | EPSS: 0.10715
Exploits: 4 | References: 2

Tenable Nessus
added 2019/05/30 12:0 a.m. | 32 views

EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2019-1617)

According to the versions of the ruby packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to...

CVSS: 9.8 | AI score: 7 | EPSS: 0.10715
Exploits: 4 | References: 9

Tenable Nessus
added 2019/02/07 12:0 a.m. | 31 views

Photon OS 1.0: Ruby PHSA-2017-0002

An update of the ruby package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0002. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121666;...

CVSS: 9.8 | AI score: 8.9 | EPSS: 0.05187
Exploits: 2 | References: 2

Debian
added 2018/07/14 6:28 a.m. | 60 views

[SECURITY] [DLA 1421-1] ruby2.1 security update

Package : ruby2.1 Version : 2.1.5-2+deb8u4 CVE ID : CVE-2015-9096 CVE-2016-2339 CVE-2016-7798 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2018-6914 CVE-2018-8777...

CVSS: 9.8 | AI score: 7.4 | EPSS: 0.73927
Exploits: 18

seebug.org
added 2017/10/20 12:0 a.m. | 69 views

Ruby Fiddle::Function.new Heap Overflow Vulnerability(CVE-2016-2339)

DESCRIPTION An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "argtypes" allocation is made based on args array length. Specially constructed object passed as element of args...

CVSS: 7.5 | AI score: 9.4 | EPSS: 0.05187
Exploits: 2

OpenVAS
added 2017/07/26 12:0 a.m. | 37 views

Ubuntu: Security Advisory (USN-3365-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.8 | AI score: 7.3 | EPSS: 0.07766
Exploits: 6 | References: 2

Tenable Nessus
added 2017/05/01 12:0 a.m. | 36 views

EulerOS 2.0 SP2 : ruby (EulerOS-SA-2017-1051)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An exploitable heap overflow vulnerability exists in the Fiddle::Function.new 'initialize' function functionality of Ruby. In Fiddle::Function.new...

CVSS: 9.8 | AI score: 8 | EPSS: 0.08934
Exploits: 4 | References: 4

Tenable Nessus
added 2017/05/01 12:0 a.m. | 42 views

EulerOS 2.0 SP1 : ruby (EulerOS-SA-2017-1050)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An exploitable heap overflow vulnerability exists in the Fiddle::Function.new 'initialize' function functionality of Ruby. In Fiddle::Function.new...

CVSS: 9.8 | AI score: 8 | EPSS: 0.08934
Exploits: 4 | References: 4

OpenVAS
added 2017/04/29 12:0 a.m. | 35 views

openSUSE: Security Advisory for ruby2.1 (openSUSE-SU-2017:1128-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS: 9.8 | AI score: 6.5 | EPSS: 0.08934
Exploits: 2 | References: 1

OPENSUSE Linux
added 2017/04/28 6:11 p.m. | 44 views

Security update for ruby2.1 (important)

This ruby2.1 update to version 2.1.9 fixes the following issues: Security issues fixed: - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new "initialize" bsc1018808 - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL bsc959495 - CVE-2015-3900: hostname validation does...

CVSS: 7.5 | AI score: 1.4 | EPSS: 0.08934
Exploits: 2 | References: 8

Tenable Nessus
added 2017/04/21 12:0 a.m. | 66 views

SUSE SLED12 / SLES12 Security Update : ruby2.1 (SUSE-SU-2017:1067-1)

This ruby2.1 update to version 2.1.9 fixes the following issues: Security issues fixed : - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new 'initialize' bsc1018808 - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL bsc959495 - CVE-2015-3900: hostname validation doe...

CVSS: 9.8 | AI score: 7.4 | EPSS: 0.08934
Exploits: 2 | References: 20

Tenable Nessus
added 2017/04/06 12:0 a.m. | 59 views

openSUSE Security Update : ruby2.2 / ruby2.3 (openSUSE-2017-435)

This update for ruby2.2, ruby2.3 fixes the following issues : Security issues fixed : - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new 'initialize' boo1018808 - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL boo959495 Detailed ChangeLog : -...

CVSS: 9.8 | AI score: 8 | EPSS: 0.05187
Exploits: 2 | References: 6

CVE
added 2017/01/06 9:0 p.m. | 143 views

CVE-2016-2339

CVE-2016-2339 involves an exploitable heap overflow in Ruby’s Fiddle::Function.new initialize. The heap buffer arg_types allocation is sized based on the length of the args array; a specially crafted object inside the args array can increase the array size after allocation, causing a heap overflo...

CVSS: 9.8 | AI score: 7.5 | EPSS: 0.05187
Exploits: 2 | References: 3 | Affected Software: 1

UbuntuCve
added 2017/01/06 12:0 a.m. | 23 views

CVE-2016-2339

An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "initialize" heap buffer "argtypes" allocation is made based on args array length. Specially constructed object passed as element of args array can...

CVSS: 9.8 | AI score: 7.5 | EPSS: 0.05187
Exploits: 2 | References: 3

Talos
added 2016/06/14 12:0 a.m. | 38 views

Ruby Fiddle::Function.new Heap Overflow Vulnerability

Talos Vulnerability Report TALOS-2016-0034 Ruby Fiddle::Function.new Heap Overflow Vulnerability June 14, 2016 CVE Number CVE-2016-2339 DESCRIPTION An exploitable heap overflow vulnerability exists in the Fiddle::Function.new “initialize” function functionality of Ruby. In Fiddle::Function.new...

CVSS: 9.8 | AI score: 7.6 | EPSS: 0.05187
Exploits: 2