Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

14173 matches found

Tenable Nessus
Tenable Nessusadded 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-18978

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the rack-cors aka Rack CORS Middleware gem before 1.0.4 for Ruby. It allows ../ directory traversal to access private resources becau...

5.3CVSS5.6AI score0.02462EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-47220

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a...

6.8AI score0.00395EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-11027

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ruby OpenID aka ruby-openid through 2.8.0 has a remotely exploitable flaw. This library is used by Rails web applications to integrate with OpenID Providers...

10CVSS8.2AI score0.02911EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-22795

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A regular expression based DoS vulnerability in Action Dispatch 6.1.7.1 and 7.0.4.1 related to the If- None-Match header. A specially crafted HTTP If-None-Match...

7.5CVSS6.5AI score0.02278EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-16779

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted such as by a timeout would lea...

5.9CVSS5.8AI score0.014EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-31163

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TZInfo is a Ruby library that provides access to time zone data and allows times to be converted using time zone rules. Versions prior to 0.36.1, as well as tho...

8.1CVSS6.8AI score0.01777EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-16229

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Ox gem 2.8.1 for Ruby, the process crashes with a stack-based buffer over-read in the readfromstr function in saxbuf.c when a crafted input is supplied t...

5.5CVSS6AI score0.00989EPSS
Exploits1References2
GithubExploit
GithubExploitadded 2025/08/28 10:15 p.m.214 views

Exploit for Improper Input Validation in Rubyonrails Rails

🔐 Black Box Penetration Test on DVWA This repository document...

9CVSS8.2AI score0.99449EPSS
Exploits49
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/08/28 7:12 a.m.5 views

Malicious code in omniauth-pro-sante-connect (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-8159

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a vulnerability in actionpackpage-caching gem v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote...

9.8CVSS9.2AI score0.0525EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2019-18848

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string. CVE-2019-18848 Note that Nessus relies on the presence of t...

7.5CVSS7.2AI score0.01257EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-22903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The actionpack ruby gem before 6.1.3.2 suffers from a possible open redirect vulnerability. Specially crafted Host headers in combination with certain allowed...

6.1CVSS6.4AI score0.01224EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-5217

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Secure Headers RubyGem secureheaders, a directive injection vulnerability is present in versions before 3.8.0, 5.1.0, and 6.2.0. If user-supplied input was...

5.8CVSS7AI score0.01814EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-4054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Sanitize RubyGem sanitize greater than or equal to 3.0.0 and less than 5.2.1, there is a cross-site scripting vulnerability. When HTML is sanitized using...

7.3CVSS7AI score0.01853EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-27788

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JSON is a JSON implementation for Ruby. Starting in version 2.10.0 and prior to version 2.10.2, a specially crafted document could cause an out of bound read,...

7.5CVSS7.2AI score0.00665EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/27 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2018-16468

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished. CVE-2018-16468 Note...

5.4CVSS6.1AI score0.00915EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/26 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2018-3769

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ruby-grape ruby gem suffers from a cross-site scripting XSS vulnerability via format parameter. CVE-2018-3769 Note that Nessus relies on the presence of the...

6.1CVSS5.8AI score0.01428EPSS
Exploits1References2
Redos
Redosadded 2025/08/26 12:0 a.m.5 views

ROS-20250826-03

Vulnerability of WEBrick library of Ruby programming language interpreter is related to incorrect checking of HTTP requests in the readheader method. HTTP requests in the readheader method. Exploitation of the vulnerability could allow an attacker, acting remotely, to perform HTTP request spoofin...

6.5CVSS7.2AI score0.00422EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2025/08/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2018-3741

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in...

6.1CVSS6AI score0.01154EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-15587

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished. CVE-2019-15587 Note th...

5.4CVSS6.2AI score0.01448EPSS
Exploits0References2
Rows per page
Query Builder