Data Injection Vulnerability in Active Record
The create_with functionality in Active Record was implemented incorrectly and completely bypasses the strong parameters protection. Applications which pass user-controlled values to create_with could allow attackers to set arbitrary attributes on models...
CVE-2013-0334 rubygem-bundler: 'bundle install' may install a gem from a source other than expected
Bundler before 1.7, when multiple top-level source lines are used, allows remote attackers to install arbitrary gems by creating a gem with the same name as another gem in a different source. A flaw was found in the way Bundler handled gems available from multiple sources. An attacker with access...
brbackup Gem for Ruby Process List Local Plaintext Password Disclosure
brbackup Gem for Ruby contains a flaw that is due to the program exposing password information in plaintext in the process list. This may allow a local attacker to gain access to password information...
CVE-2014-4975 ruby: off-by-one stack-based buffer overflow in the encodes() function
Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service segmentation fault via vectors that trigger a stack-based buffer overflow...
CVE-2014-3482 rubygem-activerecord: SQL injection vulnerability in 'bitstring' quoting
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper bitstring quoting. It was...
CVE-2014-3483 rubygem-activerecord: SQL injection vulnerability in 'range' quoting
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting...
karo Gem for Ruby db.rb Metacharacter Handling Remote Command Execution
The karo gem 2.3.8 for Ruby allows remote command injection via the host field. karo Gem for Ruby contains a flaw in db.rb that is triggered when handling shell metacharacters. This may allow a remote attacker to execute arbitrary commands. CWE-77 - Improper Neutralization of Special Elements used in a...
VladTheEnterprising Gem for Ruby /tmp/my.cnf.#{target_host} Symlink Multiple Impact
VladTheEnterprising Gem for Ruby contains a flaw as the program creates temporary files insecurely. It is possible for a local attacker to use a symlink attack against the /tmp/my.cnf.#{target_host} file to overwrite arbitrary files, gain access to the MySQL root password, or inject arbitrary...
gyazo Gem for Ruby client.rb Metacharacter Handling Remote Command Execution
gyazo Gem for Ruby contains a flaw in client.rb that is triggered when handling metacharacters. This may allow a remote attacker to execute arbitrary commands...
backup_checksum Gem for Ruby /lib/backup/cli/utility.rb Process List Local Plaintext Password Disclosure
backup_checksum Gem for Ruby contains a flaw in /lib/backup/cli/utility.rb that is triggered as the program displays password information in plaintext in the process list. This may allow a local attacker to gain access to password information...
kcapifony Gem for Ruby /lib/ksymfony1.rb Process List Local Plaintext Password Disclosure
kcapifony Gem for Ruby contains a flaw in /lib/ksymfony1.rb that is triggered as the program displays password information in plaintext in the process list. This may allow a local attacker to gain access to password information...
ciborg Gem for Ruby default.rb /tmp/perlbrew-installer Local Symlink File Overwrite
ciborg Gem for Ruby contains a flaw as default.rb creates temporary files insecurely. It is possible for a local attacker to use a symlink attack against the /tmp/perlbrew-installer file to cause the program to unexpectedly overwrite an arbitrary file...
point-cli Gem for Ruby /lib/commands/setup.rb Process Table Local Plaintext Credential Disclosure
point-cli Gem for Ruby contains a flaw in /lib/commands/setup.rb that is due to the application exposing credential information in plaintext in the process table. This may allow a local attacker to gain access to credential information...
kajam Gem for Ruby /dataset/lib/dataset/database/postgresql.rb Process List Local Plaintext Password Disclosure
kajam Gem for Ruby contains a flaw in /dataset/lib/dataset/database/postgresql.rb that is triggered as the program exposes the MySQL or PostgreSQL password in the process list. This may allow a local attacker to gain access to password information...
lawn-login Gem for Ruby /lib/lawn.rb Process Table Local Plaintext Password Disclosure
lawn-login Gem for Ruby contains a flaw in /lib/lawn.rb that is due to the application exposing password information in plaintext in the process table. This may allow a local attacker to gain access to password information...
codders-dataset Gem for Ruby lib/dataset/database/mysql.rb and lib/dataset/database/postgresql.rb Process Table Local Plaintext Credential Disclosure
(1) lib/dataset/database/mysql.rb and (2) lib/dataset/database/postgresql.rb in the codders-dataset gem 1.3.2.1 for Ruby place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the processes...
cap-strap Gem for Ruby Process Table Local Plaintext Credential Disclosure
cap-strap Gem for Ruby contains a flaw that is due to the application exposing credential information in plaintext in the process table listing. This may allow a local attacker to gain access to credential information...
backup-agoddard Gem for Ruby /lib/backup/cli/utility.rb Process Table Local Plaintext Password Disclosure
backup-agoddard Gem for Ruby contains a flaw in /lib/backup/cli/utility.rb that is due to the application exposing password information in plaintext in the process table. This may allow a local attacker to gain access to password information...
lean-ruport Gem for Ruby /test/tc_database.rb Process Table Local Plaintext MySQL Password Disclosure
lean-ruport Gem for Ruby contains a flaw in /test/tc_database.rb that is due to the application exposing MySQL password information in plaintext in the process table. This may allow a local attacker to gain access to MySQL password information...
lynx Gem for Ruby command/basic.rb Process Table Local Plaintext Password Disclosure
lynx Gem for Ruby contains a flaw in command/basic.rb that is due to the application exposing password information in plaintext in the process table. This may allow a local attacker to gain access to password information...
Directory Traversal Vulnerability With Certain Route Configurations
There is a vulnerability in the 'implicit render' functionality in Ruby on Rails. The implicit render functionality allows controllers to render a template, even if there is no explicit action with the corresponding name. This module does not perform adequate input sanitization, which could allow a...
sfpagent Gem for Ruby JSON[body] Module Name Remote Command Execution
sfpagent Gem for Ruby contains a flaw that is triggered as JSON[body] input is not properly sanitized when handling module names containing shell metacharacters. This may allow a context-dependent attacker to execute arbitrary commands...
CVE-2014-3916 ruby: DoS via long string in str_buf_cat()
The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string...
OS command injection flaw in awesome_spawn
AwesomeSpawn contains an OS command injection vulnerability: shell metacharacters in the arguments passed to AwesomeSpawn are interpreted by the shell, so additional commands can be executed, e.g. AwesomeSpawn.run('ls', :params => {'-l' => ";touch haxored"}). If untrusted input is included in command arguments, an attacker could use this flaw to execute...
CVE-2014-2525 libyaml: heap-based buffer overflow when parsing URLs
Heap-based buffer overflow in the yaml_parser_scan_uri_escapes function in LibYAML before 0.1.6 allows context-dependent attackers to execute arbitrary code via a long sequence of percent-encoded characters in a URI in a YAML file...
Reflective XSS Vulnerability in twitter-bootstrap-rails
The twitter-bootstrap-rails Gem for Rails contains a flaw that enables a reflected cross-site scripting (XSS) attack. This flaw exists because the bootstrap_flash helper method does not escape flash messages before returning them to users. This may allow a context-dependent...
CVE-2014-0135 rubygem-kafo: temporary file creation vulnerability when creating /tmp/default_values.yaml
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for default_values.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...
Arabic Prawn Gem for Ruby lib/string_utf_support.rb User Input Handling Remote Command Injection
Arabic Prawn Gem for Ruby contains a flaw in the lib/string_utf_support.rb file. The issue is due to the program failing to sanitize user input before passing it to a shell command. This may allow a remote attacker to inject arbitrary commands. "lib/string_utf_support.rb" in the Arabic Prawn 0.0.1 gem for Ruby allows remote attackers to...
CVE-2014-0036 rubygem-rbovirt: unsafe use of rest-client
The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors...
CVE-2014-0080 rubygem-activerecord: PostgreSQL array data injection vulnerability
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/cast.rb in Active Record in Ruby on Rails 4.0.x before 4.0.3, and 4.1.0.beta1, when PostgreSQL is used, allows remote attackers to execute "add data" SQL commands via vectors involving a \ (backslash) character...
CVE-2014-0082 rubygem-actionpack: Action View string handling denial of service
actionpack/lib/action_view/template/text.rb in Action View in Ruby on Rails 3.x before 3.2.17 converts MIME type strings to symbols during use of the :text option to the render method, which allows remote attackers to cause a denial of service (memory consumption, since symbols are never garbage collected in those Ruby versions) by including these strings in heade...
CVE-2014-0081 rubygem-actionpack: number_to_currency, number_to_percentage and number_to_human XSS vulnerability
Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow remote attackers to inject arbitrary web script or HTML via the (1) format, (2) negative_format, or (3) units...
CVE-2014-0083 rubygem-net-ldap: SSHA passwords generated by the net-ldap Ruby gem use a weak salt
The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords...
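The point of the net-ldap advisory is the salt, not the hash: {SSHA} is an unkeyed SHA-1 over password plus salt, so a fixed or short salt makes precomputed tables and cross-account comparison possible. The following is an added example, not net-ldap's own implementation, that generates {SSHA} values with a 16-byte SecureRandom salt (the length is this example's assumption), verifies them, and reports the salt length of a stored value so existing directory entries can be audited.

```ruby
# Added example, not code from net-ldap: {SSHA} generation with a random salt,
# verification that recovers the salt from the stored value, and a salt-length
# audit helper. SSHA_SALT_BYTES is this example's choice, not the gem's.
require 'digest/sha1'
require 'securerandom'

SSHA_SALT_BYTES = 16   # assumption for this example; fixed or tiny salts are the weakness
SHA1_BYTES = 20

# {SSHA}base64( SHA1(password || salt) || salt ). Nothing is keyed, so the
# only defence against precomputation is a salt that is unpredictable and
# different for every password. Passing a salt explicitly is only for tests
# (and to show what a fixed salt does).
def generate_ssha(password, salt = SecureRandom.random_bytes(SSHA_SALT_BYTES))
  digest = Digest::SHA1.digest(password.b + salt.b)
  '{SSHA}' + [digest + salt.b].pack('m0')      # strict base64, no newlines
end

# Compare without leaking where the first mismatch is.
def constant_time_eq?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).inject(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Split stored value into digest (first 20 bytes) and salt (the rest).
def verify_ssha(stored, password)
  return false unless stored.start_with?('{SSHA}')
  raw = stored[6..].unpack1('m0')
  return false if raw.bytesize <= SHA1_BYTES     # no salt at all
  digest = raw.byteslice(0, SHA1_BYTES)
  salt   = raw.byteslice(SHA1_BYTES, raw.bytesize - SHA1_BYTES)
  constant_time_eq?(Digest::SHA1.digest(password.b + salt), digest)
rescue ArgumentError                              # malformed base64
  false
end

# How many salt bytes a stored {SSHA} value carries; use it to find entries
# written by a weak generator.
def ssha_salt_bytes(stored)
  stored[6..].unpack1('m0').bytesize - SHA1_BYTES
end

if __FILE__ == $PROGRAM_NAME
  good = generate_ssha('correct horse battery')
  weak = generate_ssha('correct horse battery', 'ab')   # constructed weak salt
  puts "random salt: #{good}  (#{ssha_salt_bytes(good)} salt bytes)"
  puts "fixed salt:  #{weak}  (#{ssha_salt_bytes(weak)} salt bytes)"
  puts "verify: #{verify_ssha(good, 'correct horse battery')}"
end
```

Two properties to check in a real directory: two entries with the same password must not share a hash (a fixed salt makes them identical), and `ssha_salt_bytes` should not come back small or constant across entries.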
Ember.js XSS Vulnerability With {{link-to}} Helper in Non-block Form
In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, a change made to the implementation of the link-to helper means that any user-supplied data bound to the link-to helper's title attribute will not be escaped...
CVE-2014-1831 CVE-2014-1832 rubygem-passenger: insecure use of temporary files
Phusion Passenger 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or (2) a generation-* file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1831...
CVE-2014-1831 CVE-2014-1832 rubygem-passenger: insecure use of temporary files
Phusion Passenger before 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or (2) a generation-* file...
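The VladTheEnterprising, ciborg and Passenger entries share one shape: a predictable file name in a directory every local user can write to, opened with a plain write that follows symlinks. The following is an added example, not code from any of those projects, that plants the symlink, shows the unsafe write clobbering the target, and shows the open flags (EXCL plus NOFOLLOW, mode 0600) that make the same write fail instead. A private mktmpdir stands in for /tmp so the demo is self-contained.

```ruby
# Added example, not code from VladTheEnterprising, ciborg, Passenger or Kafo:
# a symlink attack on a predictable temp file, and the hardened open.
require 'tmpdir'

# Vulnerable shape: guessable name in a shared directory plus a plain write.
# File.write follows a symlink and truncates whatever it points at.
def unsafe_write(path, content)
  File.write(path, content)
end

# Hardened: fail if anything already exists at the path (EXCL), never follow
# a symlink (NOFOLLOW), and create the file 0600 so other users cannot read
# the secret (the Kafo world-readable case) while it exists.
def safe_write(path, content)
  flags = File::WRONLY | File::CREAT | File::EXCL | File::NOFOLLOW
  File.open(path, flags, 0o600) { |f| f.write(content) }
end

# Runs the attack in a throwaway directory. Returns [contents of the victim
# file after the unsafe write, whether the safe write refused the symlink].
def symlink_demo
  Dir.mktmpdir('symlink-demo') do |shared|
    victim = File.join(shared, 'victim.txt')
    File.write(victim, 'original')

    # Attacker pre-creates the predictable name as a link to the victim file
    # (constructed stand-in for /tmp/my.cnf.<host>).
    planted = File.join(shared, 'my.cnf.dbhost')
    File.symlink(victim, planted)

    unsafe_write(planted, 'attacker-controlled')
    clobbered = File.read(victim)

    refused = begin
      safe_write(planted, 'mysql root password')
      false
    rescue Errno::EEXIST, Errno::ELOOP       # EXCL / NOFOLLOW tripped
      true
    end
    [clobbered, refused]
  end
end

if __FILE__ == $PROGRAM_NAME
  clobbered, refused = symlink_demo
  puts "victim now contains: #{clobbered.inspect}"
  puts "hardened open refused the planted link: #{refused}"
end
```

The real fix is to stop choosing the name at all: Dir.mktmpdir creates a 0700 directory with an unpredictable name and Tempfile creates files with EXCL and 0600, so an attacker cannot plant a path in advance. The flags above are the fallback when a fixed path is required.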
Ember.js Potential XSS Exploit With User-Supplied Data When Using {{group}} Helper
In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, we have identified a vulnerability that could lead to unescaped content being inserted into the innerHTML string without being sanitized. When using the group...
Ember.js Potential XSS Exploit With User-Supplied Data When Binding Primitive Values
In general, Ember.js escapes or strips any user-supplied content before inserting it in strings that will be sent to innerHTML. However, we have identified a vulnerability that could lead to unescaped content being inserted into the innerHTML string without being sanitized. When a primitive value...
echor Gem for Ruby backplane.rb perform_request Function Arbitrary Command Execution
echor Gem for Ruby contains a flaw in backplane.rb in the perform_request function that is triggered when a semicolon (;) is injected into a username or password. This may allow a context-dependent attacker to inject arbitrary commands if the gem is used in a Rails application...
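The karo, gyazo, sfpagent, awesome_spawn, Arabic Prawn and echor entries are all the same bug: a user-controlled field is interpolated into a command string that Ruby hands to /bin/sh, so a semicolon in the field starts a second command. The following is an added example, not code from any of those gems, that runs a constructed payload through the vulnerable form and through the two fixes (argv form, and Shellwords escaping when a single string is unavoidable), plus an allow-list check for the field. `echo` stands in for the ssh, mysql or curl command the gems actually run.

```ruby
# Added example, not code from karo, gyazo, sfpagent, awesome_spawn, Arabic
# Prawn or echor: how a shell metacharacter in one field becomes a second
# command, and how the argv and Shellwords forms prevent it.
require 'open3'
require 'shellwords'

# Vulnerable shape: the field is interpolated into one string. Because the
# string contains metacharacters, Ruby runs it via /bin/sh, which splits on ';'.
def run_interpolated(host)
  out, _status = Open3.capture2("echo connecting to #{host}")
  out
end

# Fix 1: argv form. The program is exec'd directly with no shell, so the
# whole field is a single argument whatever it contains.
def run_argv(host)
  out, _status = Open3.capture2('echo', 'connecting', 'to', host)
  out
end

# Fix 2: when one string is unavoidable (a command sent over ssh, a params
# hash joined into a line as awesome_spawn does), escape each token with
# Shellwords before joining.
def run_escaped(host)
  cmd = Shellwords.join(['echo', 'connecting', 'to', host])
  out, _status = Open3.capture2(cmd)
  out
end

# Defence in depth: validate the field against what a hostname may contain
# before it reaches any command builder (pattern is this example's choice).
HOST_RE = /\A[A-Za-z0-9](?:[A-Za-z0-9.-]{0,252}[A-Za-z0-9])?\z/
def valid_host?(host)
  HOST_RE.match?(host)
end

if __FILE__ == $PROGRAM_NAME
  payload = 'db.example.com; echo INJECTED'   # constructed attacker input
  puts "interpolated: #{run_interpolated(payload).inspect}"   # two commands ran
  puts "argv:         #{run_argv(payload).inspect}"           # one argument
  puts "escaped:      #{run_escaped(payload).inspect}"
  puts "valid_host?   #{valid_host?(payload)}"
end
```

The interpolated form prints INJECTED on its own line because the shell executed a second command; both fixed forms print the payload literally. Grep a code base for `system("...#{`, backticks with interpolation, and `Open3.*"...#{` to find the vulnerable shape.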
echor Gem for Ruby Process Listing Local Plaintext Credential Disclosure
echor Gem for Ruby contains a flaw that is due to the program exposing credential information in the system process listing. This may allow a local attacker to gain access to plaintext credential information...
Paratrooper-newrelic Gem for Ruby Process Listing API Key Local Disclosure
Paratrooper-newrelic Gem for Ruby contains a flaw in /lib/paratrooper-newrelic.rb. The issue is triggered when the script exposes the API key, allowing a local attacker to gain access to it by monitoring the process tree...
paratrooper-pingdom Gem for Ruby /lib/paratrooper-pingdom.rb API Login Credentials Local Disclosure
paratrooper-pingdom Gem for Ruby contains a flaw in /lib/paratrooper-pingdom.rb. The issue is triggered when the script exposes API login credentials, allowing a local attacker to gain access to the API key, username, and password for the API login by monitoring the process tree...
Fat Free CRM Gem for Ruby allows remote attackers to inject or manipulate SQL queries
Fat Free CRM contains a flaw that may allow carrying out an SQL injection attack. The issue is due to the app/controllers/home_controller.rb script not properly sanitizing user-supplied input to the 'state' parameter or input passed via comments and emails. This may allow a remote attacker to inje...
Fat Free CRM Gem for Ruby contains multiple cross-site request forgery (CSRF) vulnerabilities
Fat Free CRM contains a flaw as the application is missing the protect_from_forgery statement in app/controllers/application_controller.rb, therefore HTTP requests do not require multiple steps, explicit confirmation, or a unique token when performing certain sensitive actions. By tricking a user in...
Fat Free CRM Gem for Ruby allows remote attackers to obtain sensitive information
Fat Free CRM contains a flaw in the user controllers that is triggered because JSON requests are rendered with the full JSON object. This may allow a remote attacker to gain access to potentially sensitive information, e.g. other users' password hashes...
Fat Free CRM Gem for Ruby allows remote attackers to obtain sensitive information
Fat Free CRM contains a flaw that is triggered when the attacker sends a direct request for XML data. This may allow a remote attacker to gain access to potentially sensitive information...
Fat Free CRM Gem for Ruby lack of support for cycling the Rails session secret
Fat Free CRM contains a flaw that is due to the application defining a static session secret token in config/initializers/secret_token.rb. A remote attacker with explicit knowledge of this token can forge signed session cookies and potentially execute arbitrary code...
Bio Basespace SDK Gem for Ruby Command Line API Key Disclosure
Bio Basespace SDK Gem for Ruby contains a flaw that is due to the API client code passing the API key to a curl command on the command line. This may allow a local attacker to gain access to API key information by monitoring the process table...
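A large share of the entries on this page (brbackup, backup_checksum, kcapifony, point-cli, kajam, lawn-login, codders-dataset, cap-strap, backup-agoddard, lean-ruport, lynx, echor, the paratrooper gems and Bio Basespace SDK) are one weakness: a credential placed in a child process's argv, where `ps` and /proc/<pid>/cmdline show it to every local user. The following is an added example, not code from any of those gems, that builds the leaky mysqldump invocation next to two forms that keep the secret out of argv (the MYSQL_PWD environment variable, and a 0600 defaults file referenced with --defaults-extra-file), with an audit helper that checks an argv array for the secret. mysqldump is used because several advisories concern it; the same applies to pg_dump, curl -u and ssh.

```ruby
# Added example, not code from any gem listed on this page: a password on a
# child's command line versus two ways to pass it that never touch argv.
require 'tempfile'

# Vulnerable shape: the password is an argv element of the child, visible in
# `ps -ef` and /proc/<pid>/cmdline to every local user while the dump runs.
def leaky_dump_argv(user, password, database)
  ['mysqldump', "-u#{user}", "-p#{password}", database]
end

# Fix 1: MySQL clients read MYSQL_PWD from the environment. Return the env
# hash that Process.spawn / system / Open3 accept as their first argument.
# /proc/<pid>/environ is readable only by the process owner and root.
def env_dump(user, password, database)
  [{ 'MYSQL_PWD' => password }, ['mysqldump', "-u#{user}", database]]
end

# Fix 2: a defaults file. Tempfile creates it with O_EXCL, mode 0600 and an
# unpredictable name, so no other user can read it. --defaults-extra-file
# must be the first option. Caller keeps the Tempfile alive until the child
# exits and then calls close! to unlink it.
def defaults_file_dump(user, password, database)
  cnf = Tempfile.new(['client', '.cnf'])
  cnf.write("[client]\nuser=#{user}\npassword=#{password}\n")
  cnf.flush
  [cnf, ['mysqldump', "--defaults-extra-file=#{cnf.path}", database]]
end

# Audit helper: does the secret appear in any argv element?
def secret_in_argv?(argv, secret)
  argv.any? { |arg| arg.include?(secret) }
end

if __FILE__ == $PROGRAM_NAME
  pw = 'hunter2'                                   # constructed sample credential
  puts "leaky argv exposes password: #{secret_in_argv?(leaky_dump_argv('app', pw, 'prod'), pw)}"
  env, argv = env_dump('app', pw, 'prod')
  puts "env form exposes password:   #{secret_in_argv?(argv, pw)} (secret in #{env.keys.join})"
  cnf, argv = defaults_file_dump('app', pw, 'prod')
  mode = format('%o', File.stat(cnf.path).mode & 0o777)
  puts "defaults-file form exposes:  #{secret_in_argv?(argv, pw)} (file mode #{mode})"
  # run as: system(env, *argv) or Process.spawn(env, *argv); never as one string
  cnf.close!
end
```

To find this bug in a gem, grep for `-p#{`, `--password=#{`, `-u #{` and `curl` lines that interpolate a token, then confirm with `ps -o args` on a running job; the argument is visible for the whole lifetime of the child regardless of the parent's privileges.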
CVE-2013-6461 rubygem-nokogiri: DoS while parsing XML entities
Nokogiri gem 1.5.x and 1.6.x is vulnerable to DoS while parsing XML entities because it fails to apply entity expansion limits...