CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

42 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-2347

Malicious code in bioql PyPI...

5CVSS9.2AI score0.00498EPSS

Exploits0References15

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-3218

Malicious code in bioql PyPI...

5.5CVSS7.5AI score0.00316EPSS

Exploits0References26

Tenable Nessus•added 2025/08/24 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2012-2126

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers to modify a gem during installation via a man-in-the-middle attack...

4.3CVSS8.1AI score0.00272EPSS

Exploits0References2

SUSE CVE•added 2023/02/15 4:35 a.m.•1 views

SUSE CVE-2017-1000037

RVM automatically loads environment variables from files in $PWD resulting in command execution RVM vulnerable to command injection when automatically loading environment variables from files in $PWD RVM automatically executes hooks located in $PWD resulting in code execution RVM automatically...

9.8CVSS8.2AI score0.20624EPSS

Exploits1References3

SUSE CVE•added 2023/02/15 4:20 a.m.•1 views

SUSE CVE-2018-1000079

RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in gem installation that can result in the gem could write to...

5.5CVSS7AI score0.00316EPSS

Exploits0References8

Github Security Blog•added 2022/05/05 2:48 a.m.•20 views

Bundler may install gems from a different source than expected

Bundler before 1.7, when multiple top-level source lines are used, allows remote attackers to install arbitrary gems by creating a gem with the same name as another gem in a different source...

5CVSS9.2AI score0.00498EPSS

Exploits0References11Affected Software1

Tenable Nessus•added 2020/03/13 12:0 a.m.•252 views

EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2020-1195)

According to the versions of the ruby packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through...

9.8CVSS7.3AI score0.01592EPSS

Exploits6References13

RedHat Linux•added 2020/03/03 3:35 p.m.•5 views

rubygems: Path traversal issue during gem installation allows to write to arbitrary filesystem locations

5.5CVSS7.2AI score0.00316EPSS

Exploits0References5

RedHat Linux•added 2020/02/25 12:14 p.m.•3 views

rubygems: Path traversal issue during gem installation allows to write to arbitrary filesystem locations

5.5CVSS7.2AI score0.00316EPSS

Exploits0References5

RedHat Linux•added 2020/02/19 7:37 a.m.•4 views

rubygems: Path traversal issue during gem installation allows to write to arbitrary filesystem locations

5.5CVSS7.2AI score0.00316EPSS

Exploits0References5

RedhatCVE•added 2019/10/08 10:59 a.m.•26 views

CVE-2018-1000079

5.5CVSS5.1AI score0.00316EPSS

Exploits0References2

RedHat Linux•added 2019/08/06 12:40 p.m.•5 views

rubygems: Path traversal issue during gem installation allows to write to arbitrary filesystem locations

5.5CVSS7.2AI score0.00316EPSS

Exploits0References5

Veracode•added 2019/05/16 3:22 a.m.•24 views

Directory Traversal

Ruby is vulnerable to directory traversal vulnerability. This occurs during the gem installation which allows attacker to write arbitrary filesystem locations...

5.5CVSS7.5AI score0.00316EPSS

Exploits0References17Affected Software4

RedHat Linux•added 2018/11/29 10:23 a.m.•4 views

rubygems: Path traversal issue during gem installation allows to write to arbitrary filesystem locations

5.5CVSS7.2AI score0.00316EPSS

Exploits0References5

RedHat Linux•added 2018/11/29 10:10 a.m.•1 views

rubygems: Path traversal issue during gem installation allows to write to arbitrary filesystem locations

5.5CVSS7.2AI score0.00316EPSS

Exploits0References5

RedHat Linux•added 2018/11/29 9:56 a.m.•4 views

rubygems: Path traversal issue during gem installation allows to write to arbitrary filesystem locations

5.5CVSS7.2AI score0.00316EPSS

Exploits0References5

Amazon•added 2018/04/05 12:0 a.m.•63 views

Low: ruby

Issue Overview: Command injection in lib/resolv.rb:lazyinitialize allows arbitrary code execution: The "lazyinitialize" function in lib/resolv.rb did not properly process certain filenames. A remote attacker could possibly exploit this flaw to inject and execute arbitrary commands. CVE-2017-17790...

9.8CVSS8.9AI score0.04656EPSS

Exploits1

CNVD•added 2018/03/14 12:0 a.m.•1 views

RubyGems Improper Cryptographic Signature Verification Vulnerability

RubyGems is a package manager for Ruby that provides a standard format for distributing Ruby programs and libraries called "gems", and is designed to make it easy to manage gem-installed tools, as well as servers for distributing gems. An improper cryptographic signature verification vulnerabilit...

9.8CVSS6.9AI score0.00929EPSS

Exploits0References1

OSV•added 2018/03/13 3:29 p.m.•1 views

DEBIAN-CVE-2018-1000079

5.5CVSS9.1AI score0.00316EPSS

Exploits0References1

OSV•added 2018/01/31 2:11 p.m.•1 views

USN-3553-1 ruby2.3 vulnerabilities

It was discovered that Ruby failed to validate specification names. An attacker could possibly use a maliciously crafted gem to potentially overwrite any file on the filesystem. CVE-2017-0901 It was discovered that Ruby was vulnerable to a DNS hijacking vulnerability. An attacker could use this t...

9.8CVSS7.1AI score0.20215EPSS

Exploits4References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by