Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

19 matches found

SUSE CVE
SUSE CVEadded 2023/02/15 6:7 a.m.1 views

SUSE CVE-2008-3657

The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen...

7.5CVSS7.7AI score0.32283EPSS
Exploits1References5
SUSE CVE
SUSE CVEadded 2023/02/15 5:13 a.m.1 views

SUSE CVE-2015-7551

The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of...

8.4CVSS8.7AI score0.00234EPSS
Exploits0References9
Tenable Nessus
Tenable Nessusadded 2009/04/23 12:0 a.m.36 views

Mandriva Linux Security Advisory : ruby (MDVSA-2008:226)

A denial of service condition was found in Ruby's regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite loop and crash CVE-2008-3443. A number of flaws were found in Ruby that could allow an attacker ...

7.8CVSS6.8AI score0.7933EPSS
Exploits29References6
OpenVAS
OpenVASadded 2009/03/23 12:0 a.m.30 views

Ubuntu Update for ruby1.8 vulnerabilities USN-651-1

Ubuntu Update for Linux kernel vulnerabilities USN-651-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6511.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for ruby1.8 vulnerabilities USN-651-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

7.8CVSS0.8AI score0.87662EPSS
Exploits29References2
OpenVAS
OpenVASadded 2009/02/27 12:0 a.m.27 views

CentOS Update for irb CESA-2008:0897 centos4 x86_64

Check for the Version of irb OpenVAS Vulnerability Test CentOS Update for irb CESA-2008:0897 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

7.8CVSS7AI score0.7933EPSS
Exploits29References2
OpenVAS
OpenVASadded 2009/02/27 12:0 a.m.27 views

CentOS Update for irb CESA-2008:0897 centos4 i386

Check for the Version of irb OpenVAS Vulnerability Test CentOS Update for irb CESA-2008:0897 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

7.8CVSS7AI score0.7933EPSS
Exploits29References2
OpenVAS
OpenVASadded 2008/11/01 12:0 a.m.23 views

Debian: Security Advisory (DSA-1651-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.9AI score0.7933EPSS
Exploits28References3
Cent OS
Cent OSadded 2008/10/24 12:4 a.m.67 views

irb, ruby security update

CentOS Errata and Security Advisory CESA-2008:0897 Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting...

7.8CVSS6.7AI score0.7933EPSS
Exploits30References8
RedHat Linux
RedHat Linuxadded 2008/10/21 2:52 p.m.1 views

ruby: missing "taintness" checks in dl module

The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen...

7.5CVSS7.2AI score0.32283EPSS
Exploits1References4
Tenable Nessus
Tenable Nessusadded 2008/10/13 12:0 a.m.32 views

Debian DSA-1651-1 : ruby1.8 - several vulnerabilities

Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3655 Keita Yamaguchi discovered that several safe...

7.8CVSS6.6AI score0.7933EPSS
Exploits28References11
Tenable Nessus
Tenable Nessusadded 2008/10/13 12:0 a.m.44 views

Debian DSA-1652-1 : ruby1.9 - several vulnerabilities

Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-3655 Keita Yamaguchi discovered that several safe...

7.8CVSS6.6AI score0.7933EPSS
Exploits28References11
Ubuntu
Ubuntuadded 2008/10/10 2:21 a.m.70 views

USN-651-1: Ruby vulnerabilities

Akira Tagoh discovered a vulnerability in Ruby which lead to an integer overflow. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program...

7.8CVSS7.4AI score0.7933EPSS
Exploits29
NVD
NVDadded 2008/08/13 1:41 a.m.14 views

CVE-2008-3657

The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen...

7.5CVSS6.7AI score0.32283EPSS
Exploits1References30
Prion
Prionadded 2008/08/13 1:41 a.m.22 views

Design/Logic Flaw

The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen...

7.5CVSS6.4AI score0.32283EPSS
Exploits1References30Affected Software1
CVE
CVEadded 2008/08/13 1:0 a.m.67 views

CVE-2008-3657

CVE-2008-3657 is a confirmed issue in the Ruby DL module where inputs are not tainted, allowing context-dependent attackers to bypass safe levels and call dangerous functions via DL.dlopen. Affected are Ruby 1.8.5 and older, 1.8.6 up to -p286, 1.8.7 up to -p71, and 1.9 up to r18423. Connected adv...

7.5CVSS6.7AI score0.32283EPSS
Exploits1References30Affected Software1
Cvelist
Cvelistadded 2008/08/13 1:0 a.m.22 views

CVE-2008-3657

The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen...

6.7AI score0.32283EPSS
Exploits1References30
UbuntuCve
UbuntuCveadded 2008/08/12 12:0 a.m.33 views

CVE-2008-3657

The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen...

7.5CVSS7.1AI score0.32283EPSS
Exploits1References2
exploitpack
exploitpackadded 2008/08/11 12:0 a.m.12 views

Ruby 1.9 dl - Module DL.dlopen Arbitrary Library Access

Ruby 1.9 dl - Module DL.dlopen Arbitrary Library Access source: https://www.securityfocus.com/bid/30644/info Ruby is prone to multiple vulnerabilities that can be leveraged to bypass security restrictions or cause a denial of service: - Multiple security-bypass vulnerabilities occur because of...

0.2AI score
Exploits0
RubySec
RubySecadded 2008/08/08 12:0 a.m.24 views

Ruby missing "taintness" checks in dl module

The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by accessing a library using DL.dlopen...

7.5CVSS6AI score0.32283EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder