10 matches found
EUVD-2018-0161
Malware in sbrugna...
EUVD-2017-0350
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-11086
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby does not verify server X.509 certificates if a certificate bundle cannot be found, which allo...
Important: ruby
Issue Overview: An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., "GET /admin HTTP/1.1\r\n" inside of a "POST /user HTTP/1.1\r\n" request. NOTE: the supplier's...
CVE-2020-10933
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous valu...
CVE-2019-11879
The WEBrick gem 1.4.2 for Ruby allows directory traversal if the attacker once had local access to create a symlink to a location outside of the web root directory. NOTE: The vendor states that this is analogous to Options FollowSymlinks in the Apache HTTP Server, and therefore it is "not a probl...
Ruby: Unintentional file creation caused at Tempfile with directory traversal
The Tempfile argument of basename can use ../ without escaping. Therefore, directory traversal may occur and unintended files may be generated. create file pattern log vagrant@localhost $ ls . vagrant@localhost $ irb irb(main):001:0> require 'tempfile' => true irb(main):002:0...
CVE-2013-6459
Cross-site scripting (XSS) vulnerability in the will_paginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving generated pagination links...
CVE-2011-2686
Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2003-0900. NOTE: this issu...
CVE-2008-2663
Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors, a different issue than...