15 matches found
EUVD-2009-3828
Malware in sbrugna...
EUVD-2018-0153
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-11086
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby does not verify server X.509 certificates if a certificate bundle cannot be found, which allo...
Linux Distros Unpatched Vulnerability : CVE-2019-15845
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions. CVE-2019-15845 Note that Nessus relies ...
CVE-2024-27456
rack-cors aka Rack CORS Middleware 2.0.1 has 0666 permissions for the .rb files...
emacs: local command injection in ruby-mode.el
A flaw was found in the Emacs package. A malicious ruby source file may cause a local command injection...
Regular Expression Denial of Service (ReDoS)
Overview: Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in uri/gid.rb, when parsing modelname values. NOTE: A patch has been released to address this issue: 1-0-model-name-redos.patch. Details: Denial of Service (DoS) describes a family of attacks, all...
PT-2023-10338 · Unknown · Tombh Jekbox
Name of the Vulnerable Software and Affected Versions: tombh jekbox affected versions not specified Description: A vulnerability was found in the processing of the file lib/server.rb, leading to exposure of information through directory listing. The attack may be initiated remotely...
Cross-site Scripting (XSS)
Overview: keynote is a package that provides a consistent interface for defining and instantiating presenters. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the attrstos function in lib/keynote/rumble.rb, which does not escape quote marks in attribute strings...
UBUNTU-CVE-2017-9527
The mark_context_stack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service (heap-based use-after-free and application crash) or possibly have unspecified other impact via a crafted .rb file...
GitLab exposes serious vulnerabilities, provides patch - vulnerability warning - the black bar safety net
GitLab has just announced fixes for a series of important security issues, including an important elevation of privilege. GitLab strongly recommends that all users of installed versions 8.2 and later upgrade as soon as possible. GitLab has discovered a serious vulnerability that...
Buffer overflow
Buffer overflow in Softonic International SciTE 1.72 allows user-assisted remote attackers to cause a denial of service (application crash) via a Ruby .rb file containing a long string, which triggers the crash when a scroll bar is used...
CVE-2009-3857
Buffer overflow in Softonic International SciTE 1.72 allows user-assisted remote attackers to cause a denial of service (application crash) via a Ruby .rb file containing a long string, which triggers the crash when a scroll bar is used...
CVE-2009-3857
Buffer overflow in Softonic International SciTE 1.72 allows user-assisted remote attackers to cause a denial of service (application crash) via a Ruby .rb file containing a long string, which triggers the crash when a scroll bar is used...
Notepad++ 4.1 (Windows x86) - .ruby File Processing Buffer Overflow
Notepad++ 4.1 Windows x86 - .ruby File Processing Buffer Overflow / notepad++v4.1: win32 ruby file processing buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc xnotepad++.c -o xnotepad++ syntax: ./xnotepad++ -xe -f filename notepad++ homepage/url:...