Lucene search
+L

18 matches found

OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2020:3147-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.98507EPSS
Exploits40References10
GithubExploit
GithubExploit
added 2021/02/14 6:57 a.m.258 views

Exploit for Deserialization of Untrusted Data in Rubyonrails Rails

CVE-2020-8165 Demo Yet another demo of CVE-2020-8165, though...

9.8CVSS7.9AI score0.45732EPSS
Exploits5
GithubExploit
GithubExploit
added 2021/01/03 9:59 p.m.78 views

Exploit for Deserialization of Untrusted Data in Rubyonrails Rails

CVE-2020-8165 Python Exploit This is code to exploit CVE-2020...

9.8CVSS8AI score0.45732EPSS
Exploits5
Check Point Advisories
Check Point Advisories
added 2020/11/29 12:0 a.m.60 views

Ruby On Rails Remote Code Execution (CVE-2020-8165)

A remote code execution vulnerability exists in Ruby On Rails. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.3AI score0.45732EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2020/10/19 12:0 a.m.54 views

openSUSE Security Update : rubygem-activesupport-5_1 (openSUSE-2020-1677)

This update for rubygem-activesupport-51 fixes the following issues : - CVE-2020-8165: Fixed deserialization of untrusted data in MemCacheStore potentially resulting in remote code execution bsc1172186 This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security...

9.8CVSS8.2AI score0.45732EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2020/10/17 12:0 a.m.24 views

openSUSE: Security Advisory for rubygem-activesupport-5_1 (openSUSE-SU-2020:1677-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8AI score0.45732EPSS
Exploits5References2
OPENSUSE Linux
OPENSUSE Linux
added 2020/10/16 12:0 a.m.80 views

Security update for rubygem-activesupport-5_1 (critical)

openSUSE Security Update: Security update for rubygem-activesupport-51 Announcement ID: openSUSE-SU-2020:1677-1 Rating: critical References: 1172186 Cross-References: CVE-2020-8165 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description:This upda...

9.8CVSS8.3AI score0.45732EPSS
Exploits5References1
OSV
OSV
added 2020/10/13 12:18 p.m.12 views

SUSE-SU-2020:2899-1 Security update for rubygem-activesupport-5_1

This update for rubygem-activesupport-51 fixes the following issues: - CVE-2020-8165: Fixed deserialization of untrusted data in MemCacheStore potentially resulting in remote code execution bsc1172186...

9.8CVSS8.2AI score0.45732EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2020/09/25 12:0 a.m.54 views

Debian DSA-4766-1 : rails - security update

Multiple security issues were discovered in the Rails web framework which could result in cross-site scripting, information leaks, code execution, cross-site request forgery or bypass of upload limits. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

9.8CVSS6.7AI score0.45732EPSS
Exploits9References9
Debian
Debian
added 2020/09/24 8:50 p.m.165 views

[SECURITY] [DSA 4766-1] rails security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4766-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 24, 2020 https://www.debian.org/security/faq -...

9.8CVSS8AI score0.45732EPSS
Exploits9
OpenVAS
OpenVAS
added 2020/07/21 12:0 a.m.59 views

Debian: Security Advisory (DLA-2282-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.9AI score0.83085EPSS
Exploits16References4
OpenVAS
OpenVAS
added 2020/06/29 12:0 a.m.30 views

Ruby on Raily < 5.2.4.3, 6.x < 6.0.3.1 Multiple Vulnerabilities - Linux

Ruby on Rails is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rubyonrails:rails";...

9.8CVSS7.6AI score0.45732EPSS
Exploits8References5
Tenable Nessus
Tenable Nessus
added 2020/06/22 12:0 a.m.44 views

Debian DLA-2251-1 : rails security update

Two vulnerabilities were found in Ruby on Rails, a MVC ruby-based framework geared for web application development, which could lead to remote code execution and untrusted user input usage, depending on the application. CVE-2020-8164 Strong parameters bypass vector in ActionPack. In some cases us...

9.8CVSS7.7AI score0.45732EPSS
Exploits6References4
OSV
OSV
added 2020/06/19 6:15 p.m.33 views

CVE-2020-8165

A deserialization of untrusted data vulnernerability exists in rails 5.2.4.3, rails 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE...

9.8CVSS7.1AI score
Exploits0References9
Debian
Debian
added 2020/06/19 5:14 p.m.52 views

[SECURITY] [DLA 2251-1] rails security update

Package : rails Version : 2:4.1.8-1+deb8u7 CVE ID : CVE-2020-8164 CVE-2020-8165 Two vulnerabilities were found in Ruby on Rails, a MVC ruby-based framework geared for web application development, which could lead to remote code execution and untrusted user input usage, depending on the applicatio...

9.8CVSS9.8AI score0.45732EPSS
Exploits6
Debian CVE
Debian CVE
added 2020/06/19 5:5 p.m.29 views

CVE-2020-8165

A deserialization of untrusted data vulnernerability exists in rails 5.2.4.3, rails 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE...

9.8CVSS8.6AI score0.45732EPSS
Exploits5
CVE
CVE
added 2020/06/19 5:5 p.m.260 views

CVE-2020-8165

CVE-2020-8165 is a deserialization of untrusted data vulnerability in Ruby on Rails, affecting Rails versions prior to 5.2.4.3 and 6.0.3.1. It can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore, potentially leading to remote code execution. The issue is ...

9.8CVSS9.1AI score0.45732EPSS
Exploits5References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/05/20 12:0 a.m.37 views

FreeBSD : Rails -- multiple vulnerabilities (85fca718-99f6-11ea-bf1d-08002728f74c)

Ruby on Rails blog : Hi everyone! Rails 5.2.4.3 and 6.0.3.1 have been released! These releases contain important security fixes, so please upgrade when you can. Both releases contain the following fixes : CVE-2020-8162: Circumvention of file size limits in ActiveStorage CVE-2020-8164: Possible...

9.8CVSS6.9AI score0.45732EPSS
Exploits9References12
Rows per page
Query Builder