Lucene search
+L

4876 matches found

almalinux
almalinux
added 2026/06/30 12:0 a.m.6 views

Important: ruby:3.3 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby: net-imap: Net::IMAP: Denial of Service via crafted IMAP responses CVE-2026-42245 ruby/net-imap: ruby: Net::IMAP: IMAP Comman...

7.6CVSS5.8AI score0.00813EPSS
Exploits0References8
almalinux
almalinux
added 2026/06/30 12:0 a.m.6 views

Important: ruby security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments CVE-2026-42258 net-imap: ruby: Net::IMAP: Information...

7.6CVSS5.8AI score0.00813EPSS
Exploits0References6
nessus
nessus
added 2026/06/30 12:0 a.m.7 views

RHEL 10 : ruby (RHSA-2026:33565)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:33565 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

7.6CVSS5.8AI score0.00813EPSS
Exploits0References8
nessus
nessus
added 2026/06/30 12:0 a.m.9 views

RHEL 9 : ruby (RHSA-2026:33462)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:33462 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

8.1CVSS6.3AI score0.01131EPSS
Exploits0References8
nessus
nessus
added 2026/06/30 12:0 a.m.14 views

RHEL 8 : ruby:3.3 (RHSA-2026:33515)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:33515 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

7.6CVSS5.8AI score0.00813EPSS
Exploits0References8
osv
osv
added 2026/06/30 12:0 a.m.5 views

ALSA-2026:33512 Important: ruby security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments CVE-2026-42258 net-imap: ruby: Net::IMAP: Information...

7.6CVSS5.8AI score0.00813EPSS
Exploits0References6
ubuntu
ubuntu
added 2026/06/29 10:42 a.m.5 views

USN-8478-1: Ruby vulnerabilities

It was discovered that Ruby's Net::IMAP library did not properly verify that TLS encryption was started after issuing a STARTTLS command. A remote attacker could use this to perform a machine-in-the-middle attack and silently bypass TLS encryption. CVE-2026-42246 It was discovered that Ruby's...

9.8CVSS6.1AI score0.00429EPSS
Exploits0
nessus
nessus
added 2026/06/29 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-47240

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a raw data...

5.8CVSS6.2AI score0.00491EPSS
Exploits0References4
nessus
nessus
added 2026/06/29 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-47241

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a raw stri...

2.1CVSS6.1AI score0.00239EPSS
Exploits0References3
nessus
nessus
added 2026/06/29 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-47242

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, when Net::IMAPid is called with a hash...

5.8CVSS6AI score0.00131EPSS
Exploits0References3
attackerkb
attackerkb
added 2026/06/25 6:1 p.m.5 views

CVE-2026-56766

Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing malicious NTLM Type-2 challenges. A malicious server can send a crafted NTLM Type-2 challenge with an...

8.8CVSS6.8AI score0.01325EPSS
Exploits2References3
susecve
susecve
added 2026/06/25 2:22 a.m.9 views

SUSE CVE-2026-42246

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.3.10, 0.4.24, 0.5.14, and 0.6.4, a man-in-the-middle attacker can cause Net::IMAPstarttls to return "successfully", without starting TLS. This issue has been patched in versions 0.3.10,...

7.4CVSS5.8AI score0.00324EPSS
Exploits0References10
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.16 views

PT-2026-52540

Name of the Vulnerable Software and Affected Versions Hydra versions prior to 9.7 commit 9cc84c2 Description A stack buffer overflow exists in the NTLM authentication process across the SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules. The issue occurs when the software...

8.8CVSS6.6AI score0.01325EPSS
Exploits2References6
nvd
nvd
added 2026/06/22 9:16 p.m.13 views

CVE-2026-47242

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, when Net::IMAPid is called with a hash argument, although the ID field value strings are correctly quoted escaping quoted specials, they were not validated to prohibit CRLF sequence...

5.8CVSS0.00131EPSS
Exploits0References1
nvd
nvd
added 2026/06/22 9:16 p.m.10 views

CVE-2026-47240

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing...

5.8CVSS0.00491EPSS
Exploits0References1
nvd
nvd
added 2026/06/22 9:16 p.m.13 views

CVE-2026-47241

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent verbatim. If this string is derived from user-controlled inpu...

2.1CVSS0.00239EPSS
Exploits0References1
osv
osv
added 2026/06/22 9:16 p.m.5 views

DEBIAN-CVE-2026-47241

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a raw string argument which is only validated to prevent CRLF injection and then sent verbatim. If this string is derived from user-controlled inpu...

2.1CVSS5.8AI score0.00239EPSS
Exploits0References1
osv
osv
added 2026/06/22 9:16 p.m.4 views

DEBIAN-CVE-2026-47242

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, when Net::IMAPid is called with a hash argument, although the ID field value strings are correctly quoted escaping quoted specials, they were not validated to prohibit CRLF sequence...

5.8CVSS5.9AI score0.00131EPSS
Exploits0References1
osv
osv
added 2026/06/22 9:16 p.m.5 views

DEBIAN-CVE-2026-47240

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing...

5.8CVSS6AI score0.00491EPSS
Exploits0References1
osv
osv
added 2026/06/22 9:16 p.m.4 views

UBUNTU-CVE-2026-47240

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to 0.6.5 and 0.5.15, several Net::IMAP commands accept a "raw data" argument that is sent verbatim after validation to prevent command injection. However, if a server does not support non-synchronizing...

5.8CVSS6AI score0.00491EPSS
Exploits0References3
Rows per page
Query Builder