Lucene search
10 matches found

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2017-0210

Malware in sbrugna...

7.5 CVSS, 6.1 AI score, 0.02883 EPSS
Exploits: 0, References: 17
EUVD
added 2025/10/07 12:30 a.m., 8 views

EUVD-2017-0265

Malware in sbrugna...

7.5 CVSS, 6 AI score, 0.02173 EPSS
Exploits: 1, References: 12
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2017-0306

Malware in sbrugna...

7.5 CVSS, 6.1 AI score, 0.02214 EPSS
Exploits: 0, References: 16
RedhatCVE
added 2025/05/23 8:19 a.m., 12 views

CVE-2024-27090

Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. If an attacker can infer the slug or URL of an unpublished or private resource, and this resource can be embedded such as a...

5.3 CVSS, 6.7 AI score, 0.00492 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/05/22 12:40 p.m., 8 views

CVE-2010-3299

The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks...

6.5 CVSS, 6.8 AI score, 0.01141 EPSS
Exploits: 1, References: 1
Vulnrichment
added 2022/10/08 12:0 a.m., 6 views

CVE-2022-39281 Remote Denial of Service via Tasks endpoint in fat_free_crm

fatfreecrm is an open source, Ruby on Rails customer relationship management platform (CRM). In versions prior to 0.20.1 an authenticated user can perform a remote Denial of Service attack against Fat Free CRM via bucket access. The vulnerability has been patched in commit c85a254 and will be...

6.5 CVSS, 6.4 AI score, 0.01414 EPSS
Exploits: 0, References: 3
Openbugbounty
added 2018/03/25 7:21 a.m., 12 views

rubyonrailsupgrade.com XSS vulnerability

Open Bug Bounty ID: OBB-590097

Description| Value
---|---
Affected Website:| rubyonrailsupgrade.com
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score:| 6.1...

6.2 AI score
Exploits: 0
NVD
added 2016/04/07 11:59 p.m., 19 views

CVE-2016-2097

Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.2 and 4.x before 4.1.14.2 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname. NOTE: this vulnerability exists...

5.3 CVSS, 6.3 AI score, 0.04423 EPSS
Exploits: 1, References: 8
OSV
added 2015/07/26 10:59 p.m., 9 views

CVE-2015-3225

lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth...

6.2 AI score
Exploits: 0, References: 15
OSV
added 2012/03/13 10:55 a.m., 9 views

CVE-2012-1098

Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving a SafeBuffer object that is manipulated through certain methods...

5.4 AI score
Exploits: 0, References: 6