63 matches found

UbuntuCve
added 2026/02/06 5:16 a.m., 3 views

CVE-2026-1979

A flaw has been found in mruby up to 3.4.0. This affects the function mrb_vm_exec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...

CVSS 5.5 | AI score 5.6 | EPSS 0.00027
Exploits: 1 | References: 8

Tenable Nessus
added 2025/11/20 12:0 a.m., 5 views

TencentOS Server 4: needrestart (TSSA-2024:1043)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1043 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVSS 7.8 | AI score 7.2 | EPSS 0.15245
Exploits: 16 | References: 5

Redos
added 2025/10/14 12:0 a.m., 4 views

ROS-20251014-01

The vulnerability in the Rack module interface of the Ruby programming language interpreter is related to the fact that the application does not properly control consumption of internal resources in the "Rack::QueryParser" function. Exploitation of the vulnerability could allow an attacker...

CVSS 7.5 | AI score 6.8 | EPSS 0.0014
Exploits: 0

EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2024-43160

Malicious code in bioql PyPI...

CVSS 7.8 | AI score 8 | EPSS 0.00728
Exploits: 2 | References: 3

EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2025-1595

Malicious code in bioql PyPI...

CVSS 7.4 | AI score 7.3 | EPSS 0.00593
Exploits: 0 | References: 4

EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2022-52519

Malicious code in bioql PyPI...

CVSS 7.8 | AI score 7.5 | EPSS 0.00051
Exploits: 2 | References: 8

Redos
added 2025/09/08 12:0 a.m., 1 view

ROS-20250908-11

The vulnerability in the Ruby interpreter is related to the fact that the application does not properly control internal resource consumption when processing DNS packets. Exploitation of the vulnerability could allow an attacker, acting locally to...

CVSS 7.5 | AI score 6.4 | EPSS 0.00268
Exploits: 0

Redos
added 2025/03/26 12:0 a.m., 6 views

ROS-20250326-09

The Ruby interpreter vulnerability is related to a hidden time channel. Exploitation of the vulnerability could allow a remote attacker to gain access to confidential information...

CVSS 7.4 | AI score 7.3 | EPSS 0.00593
Exploits: 0

Tenable Nessus
added 2025/03/06 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2025-0306

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted...

CVSS 7.4 | AI score 7.1 | EPSS 0.00593
Exploits: 0 | References: 2

Redos
added 2025/02/03 12:0 a.m., 8 views

ROS-20250203-15

Vulnerability in Active Support PostgreSQL component of Ruby interpreter is related to insufficient validation of user input in Active Support in Inflector.underscore. Exploitation of the vulnerability could allow an attacker acting...

CVSS 7.5 | AI score 6.6 | EPSS 0.01484
Exploits: 0

Tenable Nessus
added 2025/01/22 12:0 a.m., 13 views

Debian dla-3450 : libruby2.5 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3450 advisory. - Debian LTS Advisory DLA-3450-1...

CVSS 8.8 | AI score 7.5 | EPSS 0.01371
Exploits: 1 | References: 6

NVD
added 2025/01/09 4:15 a.m., 12 views

CVE-2025-0306

A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service...

CVSS 7.4 | EPSS 0.00593
Exploits: 0 | References: 3

RedHat Linux
added 2024/12/05 10:23 a.m., 23 views

Important: Red Hat Security Advisory: ruby:3.1 security update

An update for the ruby:3.1 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVSS 8.7 | AI score 6.9 | EPSS 0.01645
Exploits: 0 | References: 2

AstraLinux
added 2024/11/23 3:4 a.m., 3 views

Astra Linux - vulnerability in needrestart

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable...

CVSS 7.8 | AI score 7.7 | EPSS 0.00728
Exploits: 2 | References: 3

SUSE CVE
added 2024/11/22 3:51 a.m., 2 views

SUSE CVE-2024-48992

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable...

CVSS 7.8 | AI score 7.7 | EPSS 0.00728
Exploits: 2 | References: 3

NVD
added 2024/11/19 6:15 p.m., 14 views

CVE-2024-48992

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable...

CVSS 7.8 | EPSS 0.00728
Exploits: 2 | References: 6

OSV
added 2024/11/19 6:15 p.m., 2 views

DEBIAN-CVE-2024-48992

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable...

CVSS 7.8 | AI score 8.6 | EPSS 0.00728
Exploits: 2 | References: 1

OSV
added 2024/11/19 6:15 p.m., 19 views

CVE-2024-48992

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable...

CVSS 7.8 | AI score 7.6 | EPSS 0.00728
Exploits: 2 | References: 6

CVE
added 2024/11/19 5:38 p.m., 61 views

CVE-2024-48992

CVE-2024-48992 affects needrestart before 3.8. An attacker could trigger arbitrary root commands by supplying an attacker-controlled RUBYLIB and tricking the Ruby interpreter, per the initial description. The TencentOS Server 4 advisory also notes that needrestart passes unsanitized data to Modul...

CVSS 7.8 | AI score 7.9 | EPSS 0.00728
Exploits: 2 | References: 6 | Affected Software: 1

Vulnrichment
added 2024/11/19 5:38 p.m., 35 views

CVE-2024-48992

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable...

CVSS 7.8 | AI score 8 | EPSS 0.00728
Exploits: 2 | References: 3