Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-0533

Malware in sbrugna...

7.5CVSS6.5AI score0.03372EPSS
Exploits0References18
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-1878

Malicious code in bioql PyPI...

5.8CVSS6.2AI score0.02477EPSS
Exploits0References18
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-5611

Malicious code in bioql PyPI...

5CVSS7.9AI score0.08934EPSS
Exploits0References19
OSV
OSV
added 2020/06/10 9:39 p.m.11 views

MGASA-2020-0243 Updated ruby-RubyGems packages fix security vulnerability

Updated ruby-RubyGems package fixes security vulnerabilities The following vulnerabilities have been reported. CVE-2019-8320: Delete directory using symlink when decompressing tar CVE-2019-8321: Escape sequence injection vulnerability in verbose CVE-2019-8322: Escape sequence injection...

9.8CVSS7.8AI score0.05076EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2017/10/11 12:0 a.m.38 views

CVE-2017-0903

RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution...

9.8CVSS7.5AI score0.15853EPSS
Exploits1References8
Cvelist
Cvelist
added 2015/06/24 2:0 p.m.41 views

CVE-2015-3900

RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a "DNS hijack attack."...

6.2AI score0.08934EPSS
Exploits0References11
Rows per page
Query Builder