18 matches found
MAL-2025-191906 Malicious code in tonetext (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c46725ad6c88079cce4f7fa4a29175fec7f78ea83344da99d0f02ac4f020fcf3 When imported, the code embedded into the exception class downloads a remote file, and runs it by importing, and attempts to cover tracks by overwriting itself...
CVE-2021-47269
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: ep0: fix NULL pointer exception There is no validation of the index from dwc3wIndextodep and we might be referring a non-existing ep and trigger a NULL pointer exception. In certain configurations we might use fewer ep...
Access Control Bypass
ruby is vulnerable to access control bypass. A flaw was found in the method for translating an exception message into a string in the Exception class. A remote attacker could use this flaw to bypass safe level 4 restrictions, allowing untrusted tainted code to modify arbitrary, trusted untainted...
Exceptions displayed in non-debug configurations in Symfony
Description ----------- When ErrorHandler renders an exception HTML page, it uses un-escaped properties from the related Exception class to render the stacktrace. The security issue comes from the fact that the stacktraces were also displayed in non-debug environments. Resolution ---------- The...
Authorization Bypass
ruby is vulnerable to authorization bypass. A flaw was found in the method for translating an exception message into a string in the Ruby Exception class. A remote attacker could use this flaw to bypass safe level 4 restrictions, allowing untrusted tainted code to modify arbitrary, trusted...
Amazon Linux AMI : ruby (ALAS-2013-173)
It was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially crafted XML content, which will result in REXML consuming large...
Oracle Linux 4 : ruby (ELSA-2011-0908)
From Red Hat Security Advisory 2011:0908 : Updated ruby packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores,...
CentOS Update for ruby CESA-2013:0612 centos6
Check for the Version of ruby OpenVAS Vulnerability Test CentOS Update for ruby CESA-2013:0612 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
ruby security update
CentOS Errata and Security Advisory CESA-2013:0612 Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores...
Scientific Linux Security Update : ruby on SL6.x i386/x86_64 (20130307)
It was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially crafted XML content, which will result in REXML consuming large...
Moderate: Red Hat Security Advisory: ruby security update
Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are availab...
CentOS Update for ruby CESA-2013:0129 centos5
Check for the Version of ruby OpenVAS Vulnerability Test CentOS Update for ruby CESA-2013:0129 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Scientific Linux Security Update : ruby on SL4.x i386/x86_64
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw was found in the way large amounts of memory were allocated on 64-bit systems when using the BigDecimal class. A context-dependent attacker coul...
RedHat Update for ruby RHSA-2011:0910-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS 4 : ruby (CESA-2011:0908)
Updated ruby packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
RedHat Update for ruby RHSA-2011:0908-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Moderate: Red Hat Security Advisory: ruby security update
Updated ruby packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Fedora 10 : rt3-3.8.2-11.fc10 (2009-10426)
Tue Oct 13 2009 Ralf Corsepius - 3.8.2-11 - Update rt-3.8.2-rh-bz526870.diff. - Mon Oct 12 2009 Ralf Corsepius - 3.8.2-10 - Add rt-3.8.2-rh-bz526870.diff BZ 526870. - Wed Jun 24 2009 Ralf Corsepius - 3.8.2-9 - Add R: perlData::ICal, R: perlData::ICal::Entry::Event BZ 507965. - Fri Jun 19 2009...