2170 matches found
GHSA-6X46-7RRV-M4H8 sqlite3-ruby uses weak permissions for unspecified files, which allows local users to gain privileges
The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise SLE 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors...
Fedora 25 : ImageMagick / rubygem-rmagick (2017-3c5282ada7)
6.9.9-19. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora Update for rubygem-rmagick FEDORA-2017-a62dd57720
The remote host is missing an update for the... SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only
Fedora 26 : ImageMagick / rubygem-rmagick (2017-a62dd57720)
6.9.9-19...
Fedora 25 : ImageMagick / rubygem-rmagick (2017-66d9113c7a)
6.9.9-15 ---- Rebuilt for ImageMagick 6.9.9-13...
Fedora 26 : ImageMagick / rubygem-rmagick (2017-897a192750)
6.9.9-15 ---- Rebuilt for ImageMagick 6.9.9-13...
[SECURITY] Fedora 27 Update: rubygem-rmagick-2.16.0-8.fc27
RMagick is an interface between Ruby and ImageMagick...
[SECURITY] Fedora 25 Update: rubygem-rmagick-2.16.0-7.fc25
RMagick is an interface between Ruby and ImageMagick...
Fedora Update for rubygem-rmagick FEDORA-2017-66d9113c7a
The remote host is missing an update for the...
Fedora Update for rubygem-rmagick FEDORA-2017-897a192750
The remote host is missing an update for the...
[SECURITY] Fedora 27 Update: rubygem-rmagick-2.16.0-7.fc27
RMagick is an interface between Ruby and ImageMagick...
[SECURITY] Fedora 27 Update: rubygem-rmagick-2.16.0-6.fc27
RMagick is an interface between Ruby and ImageMagick...
FreeBSD : rubygem-geminabox -- XSS & CSRF vulnerabilities (2bffdf2f-9d45-11e7-a25c-471bafc3262f)
Gem in a box XSS vulnerability - CVE-2017-14506: A malicious attacker creates a GEM file with a crafted homepage value (gem.homepage in the .gemspec file) that includes an XSS payload. The attacker accesses the geminabox system and uploads the gem file, or uses a CSRF/SSRF attack to do so. From now on, any user access...
Fedora Update for rubygem-rmagick FEDORA-2017-3a568adb31
The remote host is missing an update for the...
Fedora Update for rubygem-rmagick FEDORA-2017-8f27031c8f
The remote host is missing an update for the...
[SECURITY] Fedora 26 Update: rubygem-rmagick-2.16.0-4.fc26.2
RMagick is an interface between Ruby and ImageMagick...
Code injection
The open-uri-cached rubygem allows local users to execute arbitrary Ruby code by creating a directory under /tmp containing "openuri-" followed by a crafted UID, and putting Ruby code in said directory once a meta file is created...
CVE-2015-3649
The CVE-2015-3649 entry concerns the Ruby gem open-uri-cached. Affected component: open-uri-cached Ruby gem; root cause: insecure/predictable temporary file handling in /tmp, where a directory named with openuri- and a meta/marker file is created, allowing a local attacker to place Ruby code and ...
CVE-2015-3649
The open-uri-cached rubygem allows local users to execute arbitrary Ruby code by creating a directory under /tmp containing "openuri-" followed by a crafted UID, and putting Ruby code in said directory once a meta file is created...
openSUSE Security Update : rubygem-rubyzip (openSUSE-2017-900)
This update for rubygem-rubyzip fixes the following issues: - CVE-2017-5946: A directory traversal vulnerability could lead to access and overwrite files that are outside of the restricted directory (boo#1027050)...