MiracleLinux 9 : ruby:3.1 (AXSA:2024-8490:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8490:01 advisory. ruby: Buffer overread vulnerability in StringIO CVE-2024-27280 ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Arbitrary memo...
CVE-2021-25904
An issue was discovered in the av-data crate before 0.3.0 for Rust. A raw pointer is dereferenced, leading to a read of an arbitrary memory address, sometimes causing a segfault...
Oracle Linux 9 : ruby:3.3 (ELSA-2024-6785)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6785 advisory. - Fix DoS vulnerability in rexml. CVE-2024-39908 CVE-2024-41946 CVE-2024-43398 Resolves: RHEL-57573 Resolves: RHEL-57570 Resolves: RHEL-57578 - Fix REX...
Amazon Linux 2 : ruby (ALAS-2024-2637)
The version of ruby installed on the remote host is prior to 2.0.0.648-36. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2637 advisory. A flaw was found in the way the Ruby REXML library parsed XML documents. Parsing a specially crafted XML document using...
Amazon Linux 2023 : ruby3.2, ruby3.2-bundled-gems, ruby3.2-default-gems (ALAS2023-2024-704)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-704 advisory. ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Arbitrary memory address read vulnerability with Regex search CVE-2024-27282 Tenable has extracted the preceding descripti...
Rocky Linux 8 : ruby (RLSA-2024:4499)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4499 advisory. rubygem-uri: ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755 CVE-2023-36617 ruby: Buffer overread vulnerability in StringIO...
ruby security update
ruby 2.5.9-112 - Fix ReDoS vulnerability - upstream's incomplete fix for CVE-2023-28755. CVE-2023-36617 Resolves: RHEL-5614 - Fix Buffer overread vulnerability in StringIO. CVE-2024-27280 Resolves: RHEL-34125 - Fix RCE vulnerability with .rdocoptions in RDoc. CVE-2024-27281 Resolves: RHEL-34117 -...
RLSA-2024:3671 Moderate: ruby:3.3 security, bug fix, and enhancement update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.3. Rocky Linux-37697 Security Fixes: ruby: Buffer overread...
ruby:3.3 security, bug fix, and enhancement update
An update is available for rubygem-pg, module.rubygem-mysql2, rubygem-mysql2, module.rubygem-pg. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Ruby is an...
ruby:3.1 security, bug fix, and enhancement update
An update is available for module.rubygem-abrt, rubygem-mysql2, module.rubygem-pg, ruby, module.rubygem-mysql2, rubygem-abrt, module.ruby, rubygem-pg. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
RLSA-2024:3670 Moderate: ruby:3.3 security, bug fix, and enhancement update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.3. Rocky Linux-37446 Security Fixes: ruby: Buffer overread...
ruby:3.3 security, bug fix, and enhancement update
An update is available for module.rubygem-abrt, rubygem-mysql2, module.rubygem-pg, ruby, module.rubygem-mysql2, rubygem-abrt, module.ruby, rubygem-pg. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
Rocky Linux 8 : ruby:3.3 (RLSA-2024:3670)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3670 advisory. ruby: Buffer overread vulnerability in StringIO CVE-2024-27280 ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Arbitrary memory...
Oracle Linux 8 : ruby:3.1 (ELSA-2024-3546)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3546 advisory. ruby 3.1.5-143 - Upgrade to Ruby 3.1.5. Resolves: RHEL-35748 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-35749 - Fix RCE...
Rocky Linux 8 : ruby:3.1 (RLSA-2024:3546)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3546 advisory. ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Buffer overread vulnerability in StringIO CVE-2024-27280 ruby: Arbitrary memory...
Rocky Linux 9 : ruby:3.1 (RLSA-2024:3668)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3668 advisory. ruby: Buffer overread vulnerability in StringIO CVE-2024-27280 ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Arbitrary memory...
Rocky Linux 9 : ruby:3.3 (RLSA-2024:3671)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3671 advisory. ruby: Buffer overread vulnerability in StringIO CVE-2024-27280 ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Arbitrary memory...
AlmaLinux 9 : ruby (ALSA-2024:3838)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:3838 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability in Time CVE-2023-287...
RHEL 9 : ruby (RHSA-2024:3838)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3838 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
Moderate: Red Hat Security Advisory: ruby security update
An update for ruby is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the C...