Lucene search
K

156 matches found

OpenVAS
OpenVAS
added 2011/06/03 12:0 a.m.30 views

Mandriva Update for ruby MDVSA-2011:097 (ruby)

Check for the Version of ruby OpenVAS Vulnerability Test Mandriva Update for ruby MDVSA-2011:097 ruby Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

6.8CVSS0.1AI score0.03025EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2011/06/03 12:0 a.m.33 views

Mandriva Update for ruby MDVSA-2011:097 (ruby)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.8CVSS6.2AI score0.03025EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2011/05/24 12:0 a.m.33 views

Mandriva Linux Security Advisory : ruby (MDVSA-2011:097)

Multiple vulnerabilities have been identified and fixed in ruby : Cross-site scripting XSS vulnerability in the WEBrick HTTP server in Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page CVE-2010-0541. The...

6.8CVSS6.8AI score0.03025EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2011/03/09 12:0 a.m.29 views

Ruby '#to_s' Security Bypass Vulnerability (Feb 2011)

Ruby is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ruby-lang:ruby"; ifdescription...

5CVSS9AI score0.02772EPSS
Exploits2References4
NVD
NVD
added 2011/03/02 8:0 p.m.22 views

CVE-2011-1005

The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exceptiontos method, as demonstrated by changing an intended pathname...

5CVSS6.4AI score0.02772EPSS
Exploits2References18
Prion
Prion
added 2011/03/02 8:0 p.m.23 views

Design/Logic Flaw

The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exceptiontos method, as demonstrated by changing an intended pathname...

5CVSS6.8AI score0.02772EPSS
Exploits2References18Affected Software1
Snyk
Snyk
added 2011/03/02 8:0 p.m.2 views

Access Restriction Bypass

Overview Affected versions of this package are vulnerable to Access Restriction Bypass. The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exceptiontos method, as demonstrated by changing an...

5.3CVSS6.9AI score0.02772EPSS
Exploits2References2
Cvelist
Cvelist
added 2011/03/02 7:0 p.m.28 views

CVE-2011-1005

The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exceptiontos method, as demonstrated by changing an intended pathname...

6.5AI score0.02772EPSS
Exploits2References18
CVE
CVE
added 2011/03/02 7:0 p.m.95 views

CVE-2011-1005

The CVE-2011-1005 issue affects Ruby’s safe-level mechanism (Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev), where untrusted strings could be modified via Exception#to_s, enabling context-dependent attackers to alter a pathname. Public advisories reference this vulnerability...

5CVSS6.3AI score0.02772EPSS
Exploits2References18Affected Software1
RubySec
RubySec
added 2011/02/18 12:0 a.m.32 views

CVE-2011-1005 Ruby: Untrusted codes able to modify arbitrary strings

The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exceptiontos method, as demonstrated by changing an intended pathname...

5CVSS6.4AI score0.02772EPSS
Exploits2References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2009/10/06 12:0 a.m.45 views

openSUSE 10 Security Update : ruby (ruby-6339)

This ruby update improves return value checks for openssl function OCSPbasicverify CVE-2009-0642 which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased CVE-2008-3905 to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of...

7.8CVSS5.5AI score0.70202EPSS
Exploits12References8
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.45 views

SuSE9 Security Update : ruby (YOU Patch Number 12452)

This update for ruby fixes the following security issues : - Improve return value checks for OpenSSL function OCSPbasicverify to refuse usage of revoked certificates. CVE-2009-0642 - Increase entropy of DNS identifiers to avoid spoofing attacks. CVE-2008-3905 - Fix denial of service DoS...

7.8CVSS5.2AI score0.70202EPSS
Exploits12References16
Tenable Nessus
Tenable Nessus
added 2009/07/21 12:0 a.m.45 views

openSUSE Security Update : ruby (ruby-1070)

This ruby update improves return value checks for openssl function OCSPbasicverify CVE-2009-0642 which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased CVE-2008-3905 to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of...

7.8CVSS5.5AI score0.70202EPSS
Exploits12References15
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.42 views

Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : ruby1.8 vulnerabilities (USN-651-1)

Akira Tagoh discovered a vulnerability in Ruby which lead to an integer overflow. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program...

7.8CVSS7.5AI score0.95182EPSS
Exploits29References9
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.34 views

Ubuntu Update for ruby1.8 vulnerabilities USN-651-1

Ubuntu Update for Linux kernel vulnerabilities USN-651-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6511.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for ruby1.8 vulnerabilities USN-651-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

7.8CVSS0.8AI score0.95182EPSS
Exploits29References2
OpenVAS
OpenVAS
added 2009/03/06 12:0 a.m.26 views

RedHat Update for ruby RHSA-2008:0895-02

Check for the Version of ruby OpenVAS Vulnerability Test RedHat Update for ruby RHSA-2008:0895-02 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

7.5CVSS6.9AI score0.15678EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2009/03/06 12:0 a.m.33 views

RedHat Update for ruby RHSA-2008:0897-01

Check for the Version of ruby OpenVAS Vulnerability Test RedHat Update for ruby RHSA-2008:0897-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

7.8CVSS0.1AI score0.70202EPSS
Exploits9References2
OpenVAS
OpenVAS
added 2009/03/06 12:0 a.m.27 views

RedHat Update for ruby RHSA-2008:0896-01

Check for the Version of ruby OpenVAS Vulnerability Test RedHat Update for ruby RHSA-2008:0896-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

7.5CVSS6.9AI score0.15678EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2009/03/06 12:0 a.m.37 views

RedHat Update for ruby RHSA-2008:0897-01

Check for the Version of ruby OpenVAS Vulnerability Test RedHat Update for ruby RHSA-2008:0897-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

7.8CVSS0.2AI score0.70202EPSS
Exploits9References2
OpenVAS
OpenVAS
added 2009/03/06 12:0 a.m.24 views

RedHat Update for ruby RHSA-2008:0896-01

Check for the Version of ruby OpenVAS Vulnerability Test RedHat Update for ruby RHSA-2008:0896-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

7.5CVSS6.9AI score0.15678EPSS
Exploits4References2
Rows per page
Query Builder