Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

CNNVD
CNNVDadded 2022/05/05 12:0 a.m.4 views

RubyGems 安全漏洞

RubyGems is a Ruby package manager from the RubyGems organization. The product is primarily used to distribute and manage Ruby packages. RubyGems suffers from a security vulnerability that stems from an error in yank operations, which allows any RubyGems.org user to delete and replace certain gem...

9.9CVSS7.6AI score0.01845EPSS
Exploits0References4
CNVD
CNVDadded 2017/09/25 12:0 a.m.2 views

Geminabox Cross-Site Scripting Vulnerability

Geminabox aka Gem in a Box is a personal code hosting platform. Geminabox suffers from a cross-site scripting vulnerability that can be exploited by remote attackers to delete arbitrary gems on the server...

5.4CVSS6.6AI score0.0068EPSS
Exploits1References1
Tenable Nessus
Tenable Nessusadded 2017/09/20 12:0 a.m.21 views

FreeBSD : rubygem-geminabox -- XSS & CSRF vulnerabilities (2bffdf2f-9d45-11e7-a25c-471bafc3262f)

Gem in a box XSS vulenrability - CVE-2017-14506 : Malicious attacker create GEM file with crafted homepage value gem.homepage in .gemspec file includes XSS payload. The attacker access geminabox system and uploads the gem file or uses CSRF/SSRF attack to do so. From now on, any user access...

8.8CVSS6.5AI score0.0068EPSS
Exploits2References4
Rows per page
Query Builder