23 matches found

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2019-6761

Malware in sbrugna...

CVSS 6.5 | AI score 6.1 | EPSS 0.03289
Exploits: 0 | References: 23

Tenable Nessus
added 2024/03/05 12:0 a.m. | 71 views

Amazon Linux 2 : ruby (ALAS-2024-2486)

The version of ruby installed on the remote host is prior to 2.0.0.648-36. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2486 advisory. A flaw was discovered in Ruby in the way certain functions handled strings containing NULL bytes. Specifically, the...

CVSS 8.1 | AI score 7.5 | EPSS 0.05086
Exploits: 2 | References: 12

Tenable Nessus
added 2023/09/27 12:0 a.m. | 66 views

Amazon Linux 2 : ruby (ALASRUBY2.6-2023-007)

The version of ruby installed on the remote host is prior to 2.6.6-125. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2RUBY2.6-2023-007 advisory. jQuery before 1.9.0 is vulnerable to Cross-site Scripting XSS attacks. The jQuerystrInput function does not...

CVSS 8.1 | AI score 7.7 | EPSS 0.30224
Exploits: 8 | References: 18

SUSE CVE
added 2023/02/15 4:8 a.m. | 3 views

SUSE CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions...

CVSS 5.1 | AI score 7 | EPSS 0.03289
Exploits: 0 | References: 8

Tenable Nessus
added 2022/09/15 12:0 a.m. | 63 views

RHEL 7 : rh-ruby25-ruby (RHSA-2021:2104)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2104 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

CVSS 8.1 | AI score 6.8 | EPSS 0.06811
Exploits: 2 | References: 20

RedHat Linux
added 2022/02/21 9:4 a.m. | 71 views

Important: Red Hat Security Advisory: ruby:2.6 security update

An update for the ruby:2.6 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVSS 9.3 | AI score 6.6 | EPSS 0.06811
Exploits: 7 | References: 16

Tenable Nessus
added 2022/02/09 12:0 a.m. | 63 views

Rocky Linux 8 : ruby:2.6 (RLSA-2021:2588)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:2588 advisory. - Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user...

CVSS 8.1 | AI score 7.9 | EPSS 0.06811
Exploits: 2 | References: 21

Tenable Nessus
added 2021/07/07 12:0 a.m. | 48 views

Oracle Linux 8 : ruby:2.6 (ELSA-2021-2588)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-2588 advisory. ruby 2.6.7-107 - Upgrade to Ruby 2.6.7. Resolves: rhbz1952627 - Resolv::DNS: timeouts if multiple IPv6 name servers are given an address containing...

CVSS 8.1 | AI score 7 | EPSS 0.06811
Exploits: 2 | References: 10

AlmaLinux
added 2021/06/29 1:58 p.m. | 75 views

Moderate: ruby:2.5 security, bug fix, and enhancement update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 2.5.9. BZ1952626 Security Fixes: ruby: NUL injection vulnerability of...

CVSS 8.1 | AI score 8.1 | EPSS 0.06811
Exploits: 2 | References: 9

Veracode
added 2020/10/04 4:48 a.m. | 158 views

Directory Traversal

ruby is vulnerable to directory traversal. It mishandles path checking within File.fnmatch functions...

CVSS 6.5 | AI score 3.5 | EPSS 0.03289
Exploits: 0 | References: 9 | Affected Software: 3

Microsoft CVE
added 2020/09/25 7:0 a.m. | 3 views

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.

...

CVSS 6.5 | AI score 7 | EPSS 0.03289
Exploits: 0

Tenable Nessus
added 2020/07/01 12:0 a.m. | 133 views

EulerOS Virtualization 3.0.6.0 : ruby (EulerOS-SA-2020-1717)

According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Oniguruma 6.x before 6.9.4rc2. In the function fetchintervalquantifier formerly known as...

CVSS 8.1 | AI score 7.2 | EPSS 0.06889
Exploits: 2 | References: 6

BDU FSTEC
added 2020/03/04 12:0 a.m. | 3 views

The vulnerability of the File.fnmatch method in the Ruby programming language allows a hacker to gain unauthorized access to protected information.

The vulnerability of the File.fnmatch method in the Ruby programming language exists due to the lack of measures taken to neutralize special elements. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information using a specially...

CVSS 6.5 | AI score 6.5 | EPSS 0.03289
Exploits: 0 | References: 13 | Affected Software: 8

NVD
added 2019/11/26 5:15 p.m. | 25 views

CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions...

CVSS 6.5 | AI score 7.1 | EPSS 0.03289
Exploits: 0 | References: 9

OSV
added 2019/11/26 5:15 p.m. | 33 views

CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions...

CVSS 6.5 | AI score 8.1
Exploits: 0 | References: 9

Cvelist
added 2019/11/26 4:45 p.m. | 30 views

CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions...

AI score 7.3 | EPSS 0.03289
Exploits: 0 | References: 9

CVE
added 2019/11/26 4:45 p.m. | 440 views

CVE-2019-15845

CVE-2019-15845 is a Ruby vulnerability where File.fnmatch and File.fnmatch? mishandled strings containing NULL bytes, enabling a remote attacker to access unexpected files and bypass filesystem restrictions in affected Ruby versions (Ruby 2.4.7 and earlier; 2.5.x up to 2.5.6; 2.6.x up to 2.6.4). ...

CVSS 6.5 | AI score 7.1 | EPSS 0.03289
Exploits: 0 | References: 9 | Affected Software: 1

Debian CVE
added 2019/11/26 4:45 p.m. | 148 views

CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions...

CVSS 6.5 | AI score 6.4 | EPSS 0.03289
Exploits: 0

AlpineLinux
added 2019/11/26 4:45 p.m. | 36 views

CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions...

CVSS 6.5 | AI score 7.5 | EPSS 0.03289
Exploits: 0

OSV
added 2019/11/20 12:0 a.m. | 0 views

UBUNTU-CVE-2019-15845

Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions...

CVSS 6.5 | AI score 6.6 | EPSS 0.03289
Exploits: 0 | References: 5