Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ruby-lang ruby 1.8.6 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-2662
Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and previous versions, 1.8.5 prior to 1.8.5-p231, 1.8.6 prior to 1.8.6-p230, 1.8.7 prior to 1.8.7-p22, and 1.9.0 prior to 1.9.0-2 allow context-dependent malicious users to execute arbitrary code or cause ...
Ruby-lang Ruby
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
10
CVSSv2
CVE-2008-2663
Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and previous versions, 1.8.5 prior to 1.8.5-p231, 1.8.6 prior to 1.8.6-p230, and 1.8.7 prior to 1.8.7-p22 allow context-dependent malicious users to execute arbitrary code or cause a denial of service via unkno...
Ruby-lang Ruby
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 8.04
7.8
CVSSv2
CVE-2008-3656
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and previous versions, 1.8.6 up to and including 1.8.6-p286, 1.8.7 up to and including 1.8.7-p71, and 1.9 through r18423 allows...
Ruby-lang Ruby 1.8.1
Ruby-lang Ruby 1.8.2
Ruby-lang Ruby 1.8.3
Ruby-lang Ruby 1.8.4
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby 1.6.8
Ruby-lang Ruby 1.8.0
Ruby-lang Ruby
1 EDB exploit
7.8
CVSSv2
CVE-2008-2664
The rb_str_format function in Ruby 1.8.4 and previous versions, 1.8.5 prior to 1.8.5-p231, 1.8.6 prior to 1.8.6-p230, 1.8.7 prior to 1.8.7-p22, and 1.9.0 prior to 1.9.0-2 allows context-dependent malicious users to trigger memory corruption via unspecified vectors related to allo...
Ruby-lang Ruby
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 8.04
7.8
CVSSv2
CVE-2008-2725
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and previous versions, 1.8.5 prior to 1.8.5-p231, 1.8.6 prior to 1.8.6-p230, and 1.8.7 prior to 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent malicious users to trigger memory corr...
Ruby-lang Ruby
Debian Debian Linux 4.0
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 6.06
7.8
CVSSv2
CVE-2008-2726
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and previous versions, 1.8.5 prior to 1.8.5-p231, 1.8.6 prior to 1.8.6-p230, 1.8.7 prior to 1.8.7-p22, and 1.9.0 prior to 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent malicious user...
Ruby-lang Ruby
Debian Debian Linux 4.0
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 7.04
Canonical Ubuntu Linux 6.06
7.5
CVSSv2
CVE-2009-4492
WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, ...
Ruby-lang Webrick 1.3.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-3655
Ruby 1.8.5 and previous versions, 1.8.6 up to and including 1.8.6-p286, 1.8.7 up to and including 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent malicious users to bypass...
Ruby-lang Ruby 1.8.1
Ruby-lang Ruby 1.8.2
Ruby-lang Ruby 1.8.3
Ruby-lang Ruby 1.8.4
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.6.8
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby
Ruby-lang Ruby 1.8.0
2 EDB exploits
7.5
CVSSv2
CVE-2008-3657
The dl module in Ruby 1.8.5 and previous versions, 1.8.6 up to and including 1.8.6-p286, 1.8.7 up to and including 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent malicious users to bypass safe levels and execute da...
Ruby-lang Ruby 1.8.2
Ruby-lang Ruby 1.8.4
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby 1.8.1
Ruby-lang Ruby 1.8.3
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby
Ruby-lang Ruby 1.6.8
Ruby-lang Ruby 1.8.0
1 EDB exploit
6.3
CVSSv2
CVE-2011-1004
The FileUtils.remove_entry_secure method in Ruby 1.8.6 up to and including 1.8.6-420, 1.8.7 up to and including 1.8.7-330, 1.8.8dev, 1.9.1 up to and including 1.9.1-430, 1.9.2 up to and including 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink a...
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 1.9.3
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.8
Ruby-lang Ruby 1.9.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »