Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-4435

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.07541EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.17 views

RHEL 6 : rubygem-bundler (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubygem-bundler: Code execution via gem name collision in bundler CVE-2016-7954 Note that Nessus has not tested for...

9.7AI score0.07541EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:57 a.m.3 views

SUSE CVE-2016-7954

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

9.8CVSS7.3AI score0.07541EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2016/12/22 10:59 p.m.33 views

CVE-2016-7954

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

9.8CVSS7.4AI score0.07541EPSS
Exploits1References3
Prion
Prion
added 2016/12/22 10:59 p.m.15 views

Design/Logic Flaw

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

7.5CVSS7AI score0.07541EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2016/12/22 10:59 p.m.19 views

CVE-2016-7954

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

9.8CVSS9.5AI score0.07541EPSS
Exploits1References8
OSV
OSV
added 2016/12/22 10:59 p.m.10 views

CVE-2016-7954

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

9.8CVSS9.4AI score
Exploits0References8
CVE
CVE
added 2016/12/22 10:0 p.m.75 views

CVE-2016-7954

CVE-2016-7954 affects Bundler 1.x, where a gem name collision on a secondary source can enable remote code execution in a Ruby application. The issue arises from multiple top-level source lines allowing a malicious gem with the same name as a legitimate gem to be pulled from a different source, a...

9.8CVSS9.2AI score0.07541EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2016/12/22 10:0 p.m.34 views

CVE-2016-7954

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

9.4AI score0.07541EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2016/12/22 10:0 p.m.43 views

CVE-2016-7954

Removed by vendor...

9.8CVSS9.4AI score0.07541EPSS
Exploits1
CNVD
CNVD
added 2016/10/09 12:0 a.m.4 views

Bundler Code Execution Vulnerability

Bundler is a system developed in C and C++ called sfm structure-from-motion, which is capable of reconstructing 3D models from unordered collections of images e.g., from the Web. There is a security vulnerability in Bundler that allows an attacker to execute arbitrary code on an application by...

9.8CVSS7.8AI score0.07541EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2016/10/05 12:47 p.m.34 views

CVE-2016-7954

Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334...

9.8CVSS9AI score0.07541EPSS
Exploits1References2
Rows per page
Query Builder