22 matches found

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2019-6761

Malware in sbrugna...

CVSS 6.5, AI score 6.1, EPSS 0.00321
Exploits 0, References 23

Tenable Nessus
added 2024/03/05 12:0 a.m., 63 views

Amazon Linux 2 : ruby (ALAS-2024-2486)

The version of ruby installed on the remote host is prior to 2.0.0.648-36. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2486 advisory. A flaw was discovered in Ruby in the way certain functions handled strings containing NULL bytes. Specifically, the...

CVSS 8.1, AI score 7.5, EPSS 0.01157
Exploits 2, References 12

Tenable Nessus
added 2023/09/27 12:0 a.m., 64 views

Amazon Linux 2 : ruby (ALASRUBY2.6-2023-007)

The version of ruby installed on the remote host is prior to 2.6.6-125. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2RUBY2.6-2023-007 advisory. jQuery before 1.9.0 is vulnerable to Cross-site Scripting XSS attacks. The jQuerystrInput function does not...

CVSS 8.1, AI score 7.7, EPSS 0.18007
Exploits 8, References 18

SUSE CVE
added 2023/02/15 4:8 a.m., 1 views

SUSE CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions...

CVSS 5.1, AI score 7, EPSS 0.00321
Exploits 0, References 8

Tenable Nessus
added 2022/09/15 12:0 a.m., 61 views

RHEL 7 : rh-ruby25-ruby (RHSA-2021:2104)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2104 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

CVSS 8.1, AI score 6.8, EPSS 0.05892
Exploits 2, References 20

RedHat Linux
added 2022/02/21 9:4 a.m., 69 views

Important: Red Hat Security Advisory: ruby:2.6 security update

An update for the ruby:2.6 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVSS 9.3, AI score 6.6, EPSS 0.25071
Exploits 7, References 16

Tenable Nessus
added 2022/02/09 12:0 a.m., 58 views

Rocky Linux 8 : ruby:2.6 (RLSA-2021:2588)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:2588 advisory. - Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user...

CVSS 8.1, AI score 7.9, EPSS 0.05892
Exploits 2, References 21

Tenable Nessus
added 2021/07/07 12:0 a.m., 46 views

Oracle Linux 8 : ruby:2.6 (ELSA-2021-2588)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-2588 advisory. ruby 2.6.7-107 - Upgrade to Ruby 2.6.7. Resolves: rhbz1952627 - Resolv::DNS: timeouts if multiple IPv6 name servers are given an address containing...

CVSS 8.1, AI score 7, EPSS 0.05892
Exploits 2, References 10

AlmaLinux
added 2021/06/29 1:58 p.m., 72 views

Moderate: ruby:2.5 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 2.5.9. BZ1952626 Security Fixes: ruby: NUL injection vulnerability of...

CVSS 8.1, AI score 8.1, EPSS 0.05892
Exploits 2, References 9

Veracode
added 2020/10/04 4:48 a.m., 157 views

Directory Traversal

ruby is vulnerable to directory traversal. It mishandles path checking within File.fnmatch functions...

CVSS 6.5, AI score 3.5, EPSS 0.00321
Exploits 0, References 9, Affected Software 3

Microsoft CVE
added 2020/09/25 7:0 a.m., 2 views

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.

...

CVSS 6.5, AI score 7, EPSS 0.00321
Exploits 0

Tenable Nessus
added 2020/07/01 12:0 a.m., 130 views

EulerOS Virtualization 3.0.6.0 : ruby (EulerOS-SA-2020-1717)

According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function fetchintervalquantifier formerly known as...

CVSS 8.1, AI score 7.2, EPSS 0.08946
Exploits 2, References 6

NVD
added 2019/11/26 5:15 p.m., 20 views

CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions...

CVSS 6.5, AI score 7.1, EPSS 0.00321
Exploits 0, References 9

OSV
added 2019/11/26 5:15 p.m., 27 views

CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions...

CVSS 6.5, AI score 8.1
Exploits 0, References 9

CVE
added 2019/11/26 4:45 p.m., 429 views

CVE-2019-15845

CVE-2019-15845 is a Ruby vulnerability where File.fnmatch and File.fnmatch? mishandled strings containing NULL bytes, enabling a remote attacker to access unexpected files and bypass filesystem restrictions in affected Ruby versions (Ruby 2.4.7 and earlier; 2.5.x up to 2.5.6; 2.6.x up to 2.6.4). ...

CVSS 6.5, AI score 7.1, EPSS 0.00321
Exploits 0, References 9, Affected Software 1

Debian CVE
added 2019/11/26 4:45 p.m., 147 views

CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions...

CVSS 6.5, AI score 6.4, EPSS 0.00321
Exploits 0

Cvelist
added 2019/11/26 4:45 p.m., 26 views

CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions...

AI score 7.3, EPSS 0.00321
Exploits 0, References 9

AlpineLinux
added 2019/11/26 4:45 p.m., 35 views

CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions...

CVSS 6.5, AI score 7.5, EPSS 0.00321
Exploits 0

OSV
added 2019/11/20 12:0 a.m., 0 views

UBUNTU-CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions...

CVSS 6.5, AI score 6.6, EPSS 0.00321
Exploits 0, References 5

UbuntuCve
added 2019/11/20 12:0 a.m., 143 views

CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions...

CVSS 6.5, AI score 6.6, EPSS 0.00321
Exploits 0, References 4