activerecord project activerecord vulnerabilities and exploits
NA
CVE-2022-32224
A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record < 7.0.3.1, < 6.1.6.1, < 6.0.5.1 and < 5.2.8.1, which could allow an attacker who can manipulate data in the database (via means like SQL injection) the ability to esca...
Activerecord Project Activerecord
2 Github repositories
NA
CVE-2022-44566
A denial of service vulnerability is present in ActiveRecord's PostgreSQL adapter < 7.0.4.1 and < 6.1.7.1. When a value outside the range for a 64-bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing ...
Activerecord Project Activerecord
NA
CVE-2023-22794
A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the `annotate` query method, the `optimizer_hints` query method, or through the QueryLogs interface which automatically adds ann...
Activerecord Project Activerecord
NA
CVE-2022-35956
This Rails gem adds two methods to the ActiveRecord::Base class that allow you to update many records in a single database hit, using a CASE SQL statement. Before version 0.1.3, the `update_by_case` gem used custom SQL strings that were not sanitized, making it vulnerable to ...
Update By Case Project Update By Case
7.5
CVSSv2
CVE-2011-2930
Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails prior to 2.3.13, 3.0.x prior to 3.0.10, and 3.1.x prior to 3.1.0.rc5 allow remote malicious users to execute ...
Rubyonrails Rails 2.3.10
Rubyonrails Rails 2.2.1
Rubyonrails Rails 2.0.2
Rubyonrails Rails 2.0.0
Rubyonrails Rails 2.3.4
Rubyonrails Rails 3.0.5
Rubyonrails Rails 3.0.7
Rubyonrails Rails 3.0.2
Rubyonrails Rails 3.0.9
Rubyonrails Rails 3.0.10
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.1.0
Rubyonrails Rails 2.3.11
Rubyonrails Rails 2.3.12
Rubyonrails Rails 2.3.3
Rubyonrails Rails 2.3.2
Rubyonrails Rails 3.0.4
Rubyonrails Rails 3.0.8
Rubyonrails Rails 3.0.1
Rubyonrails Rails 2.1.1
Rubyonrails Rails 2.1.2
Rubyonrails Rails 2.1.0