CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

10 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-0172

Malware in sbrugna...

5.9CVSS5.7AI score0.0032EPSS

Exploits0References8

Github Security Blog•added 2018/03/13 4:15 p.m.•17 views

http vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

The Ruby http gem before 0.6.4 and 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack...

5.9CVSS6.3AI score0.0032EPSS

Exploits0References8Affected Software1

CNVD•added 2017/10/17 12:0 a.m.•0 views

Ruby http gem man-in-the-middle attack vulnerability

The Ruby http gem is a standard package for managing Ruby libraries and programs. A man-in-the-middle attack vulnerability exists in Ruby http gem versions prior to 0.7.3, which stems from the program failing to validate the hostname during an SSL connection. A remote attacker could use this...

5.9CVSS5.6AI score0.0032EPSS

Exploits0References1

NVD•added 2017/10/06 10:29 p.m.•9 views

CVE-2015-1828

The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack...

5.9CVSS5.4AI score0.0032EPSS

Exploits0References3

OSV•added 2017/10/06 10:29 p.m.•5 views

CVE-2015-1828

The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack...

5.9CVSS5.4AI score0.0032EPSS

Exploits0References4

Prion•added 2017/10/06 10:29 p.m.•11 views

Design/Logic Flaw

The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack...

4.3CVSS6.6AI score0.0032EPSS

Exploits0References3Affected Software1

OSV•added 2017/10/06 10:29 p.m.•1 views

DEBIAN-CVE-2015-1828

The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack...

5.9CVSS6.6AI score0.0032EPSS

Exploits0References1

UbuntuCve•added 2017/10/06 10:29 p.m.•12 views

CVE-2015-1828

The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack...

5.9CVSS6.3AI score0.0032EPSS

Exploits0References4

Cvelist•added 2017/10/06 10:0 p.m.•14 views

CVE-2015-1828

The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack...

5.4AI score0.0032EPSS

Exploits0References3

CVE•added 2017/10/06 10:0 p.m.•76 views

CVE-2015-1828

The CVE-2015-1828 entry concerns the Ruby http gem prior to 0.7.3, where hostname verification is not performed in SSL connections. This hostname verification bypass enables a man-in-the-middle attack to potentially obtain sensitive information from affected users. Multiple connected sources (SUS...

5.9CVSS5.4AI score0.0032EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by