Lucene search
+L

16 matches found

nessus
nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-8185

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service vulnerability exists in Rails 6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production...

6.5CVSS6.7AI score0.02181EPSS
Exploits0References2
openvas
openvas
added 2021/04/19 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2020:3147-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.98507EPSS
Exploits40References10
openvas
openvas
added 2020/10/05 12:0 a.m.25 views

Fedora: Security Advisory for rubygem-image_processing (FEDORA-2020-4dd34860a3)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1AI score
Exploits0References2
openvas
openvas
added 2020/10/05 12:0 a.m.23 views

Fedora: Security Advisory for rubygem-actionmailbox (FEDORA-2020-4dd34860a3)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1AI score
Exploits0References2
openvas
openvas
added 2020/10/05 12:0 a.m.24 views

Fedora: Security Advisory for rubygem-actionmailer (FEDORA-2020-4dd34860a3)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1AI score
Exploits0References2
openvas
openvas
added 2020/10/05 12:0 a.m.30 views

Fedora: Security Advisory for rubygem-railties (FEDORA-2020-4dd34860a3)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

4.8CVSS6.1AI score0.01543EPSS
Exploits1References2
openvas
openvas
added 2020/10/05 12:0 a.m.18 views

Fedora: Security Advisory for rubygem-actioncable (FEDORA-2020-4dd34860a3)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

4.8CVSS6.1AI score0.01543EPSS
Exploits1References2
ibm
ibm
added 2020/07/18 6:8 a.m.44 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Rails

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Rails. Vulnerability Details CVEID: CVE-2020-8163 DESCRIPTION: Rails could allow a remote attacker to execute arbitrary code on the system, caused by a code injection vulnerability. By sending a specially...

8.8CVSS1.5AI score0.83085EPSS
Exploits11Affected Software1
openvas
openvas
added 2020/07/06 12:0 a.m.32 views

Ruby on Rails < 6.0.3.2 DoS Vulnerability

Ruby on Rails is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.5CVSS6.5AI score0.02181EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2020/07/02 7:15 p.m.38 views

CVE-2020-8185

A denial of service vulnerability exists in Rails 6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production...

6.5CVSS6.8AI score0.02181EPSS
Exploits0References2
cve
cve
added 2020/07/02 6:35 p.m.218 views

CVE-2020-8185

CVE-2020-8185 is associated with Rails, and connected documents show mitigation via Rails upgrade to 6.0.3.3 in openSUSE/SUSE advisories, after the affected

6.5CVSS6.2AI score0.02181EPSS
Exploits0References3Affected Software1
github
github
added 2020/06/24 5:40 p.m.45 views

Untrusted users can run pending migrations in production in Rails

There is a vulnerability in versions of Rails prior to 6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production. This vulnerability has been assigned the CVE identifier CVE-2020-8185. Versions Affected: 6.0.0 = 6.0.3.2 Impact ------ Using this issu...

6.5CVSS6.7AI score0.02181EPSS
Exploits0References7Affected Software1
osv
osv
added 2020/06/24 5:40 p.m.33 views

GHSA-C6QR-H5VQ-59JC Untrusted users can run pending migrations in production in Rails

There is a vulnerability in versions of Rails prior to 6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production. This vulnerability has been assigned the CVE identifier CVE-2020-8185. Versions Affected: 6.0.0 = 6.0.3.2 Impact ------ Using this issu...

6.5CVSS6.4AI score0.02181EPSS
Exploits0References6
hackerone
hackerone
added 2020/06/21 2:15 a.m.204 views

Ruby on Rails: Open Redirect (6.0.0 < rails < 6.0.3.2)

Hello, I was looking at the change log https://github.com/rails/rails/commit/2121b9d20b60ed503aa041ef7b926d331ed79fc2 for CVE-2020-8185 and found another problem existed. https://github.com/rails/rails/blob/v6.0.3.1/actionpack/lib/actiondispatch/middleware/actionableexceptions.rbL21 ruby redirect...

4.3CVSS6.5AI score0.70717EPSS
Exploits1
rubygems
rubygems
added 2020/06/17 12:0 a.m.39 views

Untrusted users able to run pending migrations in production

There is a vulnerability in versions of Rails prior to 6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production. This vulnerability has been assigned the CVE identifier CVE-2020-8185. Versions Affected: 6.0.0 = 6.0.3.2 Impact ------ Using this issu...

6.5CVSS4.3AI score0.02181EPSS
Exploits0References1Affected Software1
freebsd
freebsd
added 2020/06/17 12:0 a.m.37 views

Rails -- permission vulnerability

Ruby on Rails blog: Rails 6.0.3.2 has been released! This version of Rails contains an important security patch, and you should upgrade! The release contains only one patch that addresses CVE-2020-8185...

6.5CVSS2.5AI score0.02181EPSS
Exploits0References3
Rows per page
Query Builder