Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

rubyonrails rails 4.0.2 vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2014-0080
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/cast.rb in Active Record in Ruby on Rails 4.0.x before 4.0.3, and 4.1.0.beta1, when PostgreSQL is used, allows remote attackers to execute "add data" SQL commands via vectors...
Rubyonrails Rails 4.0.2Rubyonrails Rails 4.0.1Rubyonrails Rails 4.1.0Rubyonrails Rails 4.0.0
NA
CVE-2014-3514
activerecord/lib/active_record/relation/query_methods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows remote attackers to bypass the strong parameters protection mechanism via crafted input to an application that makes create_with calls....
Rubyonrails Rails 4.0.0Rubyonrails Rails 4.0.2Rubyonrails Rails 4.0.3Rubyonrails Rails 4.0.7Rubyonrails Rails 4.1.0Rubyonrails Rails 4.1.3Rubyonrails Rails 4.1.4Rubyonrails Rails 4.0.8Rubyonrails Rails 4.0.1Rubyonrails Rails 4.0.6Rubyonrails Rails 4.1.2Rubyonrails Rails 4.0.4Rubyonrails Rails 4.0.5Rubyonrails Rails 4.1.1
7.5
CVSSv3
CVE-2016-0751
actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows remote attackers to cause a...
Rubyonrails Rails 4.2.5Rubyonrails Rails 4.2.4Rubyonrails Rails 4.2.1Rubyonrails Rails 4.2.0Rubyonrails Rails 4.1.5Rubyonrails Rails 4.1.6Rubyonrails Rails 4.1.13Rubyonrails Rails 4.1.12Rubyonrails Rails 4.1.0Rubyonrails Rails 4.0.1Rubyonrails Rails 4.0.0Rubyonrails Rails 4.0.5Rubyonrails Rails 4.0.10Rubyonrails Ruby On Rails 4.0.11.1Rubyonrails Rails 4.1.8Rubyonrails Rails 4.1.7Rubyonrails Rails 4.1.10Rubyonrails Rails 4.1.9Rubyonrails Rails 4.0.4Rubyonrails Rails 4.0.3Rubyonrails Rails 4.0.6Rubyonrails Ruby On Rails 4.0.13Rubyonrails Rails 5.0.0Rubyonrails Rails 4.2.2Rubyonrails Rails 4.1.2Rubyonrails Rails 4.1.1Rubyonrails Rails 4.0.7Rubyonrails Ruby On Rails 4.0.12Rubyonrails Ruby On RailsRubyonrails Rails 4.2.3Rubyonrails Rails 4.1.4Rubyonrails Rails 4.1.3Rubyonrails Ruby On Rails 4.1.11Rubyonrails Ruby On Rails 4.0.10Rubyonrails Rails 4.0.9Rubyonrails Rails 4.0.8Rubyonrails Ruby On Rails 4.0.11Rubyonrails Rails 4.0.2
NA
CVE-2014-3483
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging...
Rubyonrails Rails 4.0.5Rubyonrails Rails 4.0.1Rubyonrails Rails 4.0.6Rubyonrails Rails 4.1.0Rubyonrails Rails 4.0.4Rubyonrails Rails 4.0.3Rubyonrails Rails 4.0.2Rubyonrails Rails 4.1.2Rubyonrails Rails 4.1.1Rubyonrails Rails 4.0.0
5.3
CVSSv3
CVE-2015-7577
activerecord/lib/active_record/nested_attributes.rb in Active Record in Ruby on Rails 3.1.x and 3.2.x before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly implement a certain destroy option, which allows remote...
Rubyonrails Rails 4.2.4Rubyonrails Rails 4.2.1Rubyonrails Rails 4.2.0Rubyonrails Rails 4.1.14Rubyonrails Ruby On Rails 4.1.11Rubyonrails Rails 4.1.10Rubyonrails Rails 4.1.8Rubyonrails Rails 4.1.7.1Rubyonrails Rails 4.1.7Rubyonrails Rails 4.1.2Rubyonrails Rails 4.1.0Rubyonrails Rails 4.0.10Rubyonrails Rails 4.0.9Rubyonrails Rails 4.0.5Rubyonrails Rails 4.0.4Rubyonrails Rails 4.0.1Rubyonrails Rails 5.0.0Rubyonrails Rails 4.2.5Rubyonrails Rails 4.2.2Rubyonrails Rails 4.1.13Rubyonrails Rails 4.1.6Rubyonrails Rails 4.1.5Rubyonrails Rails 4.1.1Rubyonrails Ruby On Rails 4.0.12Rubyonrails Ruby On Rails 4.0.11.1Rubyonrails Rails 4.0.6Rubyonrails Rails 4.0.2Rubyonrails Rails 4.0.0Rubyonrails Ruby On RailsRubyonrails Rails 4.1.12Rubyonrails Rails 4.1.9Rubyonrails Rails 4.1.4Rubyonrails Rails 4.1.3Rubyonrails Ruby On Rails 4.0.11Rubyonrails Ruby On Rails 4.0.10Rubyonrails Rails 4.2.3Rubyonrails Ruby On Rails 4.0.13Rubyonrails Rails 4.0.8Rubyonrails Rails 4.0.7Rubyonrails Rails 4.0.3
NA
CVE-2013-4491
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/translation_helper.rb in the internationalization component in Ruby on Rails 3.x before 3.2.16 and 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted string...
Rubyonrails Rails 4.0.1Rubyonrails RailsRubyonrails Rails 4.0.0Rubyonrails Rails 3.2.6Rubyonrails Rails 3.2.5Rubyonrails Rails 3.2.2Rubyonrails Ruby On Rails 3.2.15Rubyonrails Rails 3.2.13Rubyonrails Rails 3.2.12Rubyonrails Rails 3.1.9Rubyonrails Rails 3.1.8Rubyonrails Rails 3.1.3Rubyonrails Rails 3.1.2Rubyonrails Rails 3.1.1Rubyonrails Rails 3.1.0Rubyonrails Rails 3.0.9Rubyonrails Rails 3.0.8Rubyonrails Rails 3.0.6Rubyonrails Rails 3.0.3Rubyonrails Rails 3.0.20Rubyonrails Rails 3.0.14Rubyonrails Rails 3.0.13Rubyonrails Rails 3.0.1Rubyonrails Rails 3.0.0Rubyonrails Rails 3.2.8Rubyonrails Rails 3.2.7Rubyonrails Rails 3.2.3Rubyonrails Rails 3.2.0Rubyonrails Rails 3.1.4Rubyonrails Rails 3.0.7Rubyonrails Ruby On Rails 3.0.4Rubyonrails Rails 3.0.17Rubyonrails Rails 3.0.16Rubyonrails Rails 3.0.10Rubyonrails Rails 3.2.9Rubyonrails Ruby On Rails 3.2.14Rubyonrails Rails 3.2.1Rubyonrails Rails 3.1.5Rubyonrails Rails 3.1.10Rubyonrails Rails 3.0.5Rubyonrails Rails 3.0.4Rubyonrails Rails 3.0.19Rubyonrails Rails 3.0.18Rubyonrails Rails 3.0.11Rubyonrails Rails 3.2.4Rubyonrails Ruby On RailsRubyonrails Rails 3.2.11Rubyonrails Rails 3.2.10Rubyonrails Rails 3.1.7Rubyonrails Rails 3.1.6Rubyonrails Ruby On Rails 3.1.11Rubyonrails Rails 3.0.2Rubyonrails Rails 3.0.12
NA
CVE-2014-0130
Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1, when certain route globbing configurations are enabled, allows remote attackers to...
Redhat Subscription Asset ManagerRubyonrails Rails 4.1.0Rubyonrails Ruby On RailsRubyonrails Rails 3.2.0Rubyonrails Rails 3.2.1Rubyonrails Rails 3.2.4Rubyonrails Rails 3.2.5Rubyonrails Rails 3.2.6Rubyonrails Rails 4.0.3Rubyonrails Rails 4.0.0Rubyonrails Rails 4.0.1Rubyonrails Rails 4.0.2Rubyonrails Rails 3.2.11Rubyonrails Rails 3.2.13Rubyonrails Rails 3.2.2Rubyonrails Rails 3.2.3Rubyonrails Rails 3.2.8Rubyonrails Rails 3.2.15Rubyonrails Rails 3.2.16Rubyonrails Rails 4.0.4Rubyonrails Rails 3.2.10Rubyonrails Rails 3.2.12Rubyonrails Rails 3.2.7Rubyonrails Rails 3.2.9
NA
CVE-2014-7829
Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.21, 4.0.x before 4.0.12, 4.1.x before 4.1.8, and 4.2.x before 4.2.0.beta4, when serve_static_assets is enabled, allows remote attackers to...
Opensuse Opensuse 12.3Opensuse Opensuse 13.1Opensuse Opensuse 13.2Rubyonrails Rails 3.0.0Rubyonrails Rails 3.0.1Rubyonrails Rails 3.0.10Rubyonrails Rails 3.0.14Rubyonrails Rails 3.0.16Rubyonrails Ruby On Rails 3.0.4Rubyonrails Rails 3.0.4Rubyonrails Rails 3.0.7Rubyonrails Rails 3.0.9Rubyonrails Rails 3.1.0Rubyonrails Rails 3.1.1Rubyonrails Rails 3.1.4Rubyonrails Rails 3.1.5Rubyonrails Rails 3.2.0Rubyonrails Rails 3.2.15Rubyonrails Rails 3.2.16Rubyonrails Rails 3.2.3Rubyonrails Rails 4.0.0Rubyonrails Rails 4.0.1Rubyonrails Rails 4.0.10Rubyonrails Rails 4.0.6Rubyonrails Rails 4.0.7Rubyonrails Rails 4.1.1Rubyonrails Rails 4.1.2Rubyonrails Rails 4.1.6Rubyonrails Rails 3.0.12Rubyonrails Rails 3.0.2Rubyonrails Rails 3.0.5Rubyonrails Rails 3.0.6Rubyonrails Rails 3.0.8Rubyonrails Rails 3.1.2Rubyonrails Rails 3.1.7Rubyonrails Rails 3.1.8Rubyonrails Rails 3.2.11Rubyonrails Rails 3.2.12Rubyonrails Ruby On Rails 3.2.19Rubyonrails Ruby On Rails 3.2.20Rubyonrails Rails 3.2.5Rubyonrails Rails 3.2.6Rubyonrails Rails 4.0.4Rubyonrails Rails 4.0.5Rubyonrails Ruby On Rails 4.0.11Rubyonrails Rails 4.1.3Rubyonrails Rails 4.2.0Rubyonrails Rails 3.0.13Rubyonrails Rails 3.0.20Rubyonrails Rails 3.0.3Rubyonrails Rails 3.1.3Rubyonrails Rails 3.1.9Rubyonrails Rails 3.2.13Rubyonrails Rails 3.2.2Rubyonrails Rails 3.2.7Rubyonrails Rails 3.2.8Rubyonrails Rails 4.1.0Rubyonrails Rails 4.1.4Rubyonrails Rails 4.1.5Rubyonrails Rails 3.0.11Rubyonrails Rails 3.0.17Rubyonrails Rails 3.0.18Rubyonrails Rails 3.0.19Rubyonrails Rails 3.1.10Rubyonrails Rails 3.1.6Rubyonrails Rails 3.2.1Rubyonrails Rails 3.2.10Rubyonrails Rails 3.2.17Rubyonrails Rails 3.2.18Rubyonrails Rails 3.2.4Rubyonrails Rails 4.0.2Rubyonrails Rails 4.0.3Rubyonrails Rails 4.0.8Rubyonrails Rails 4.0.9Rubyonrails Rails 4.1.7
7.5
CVSSv3
CVE-2015-7581
actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service (superfluous caching and memory consumption) by leveraging an application's use of a...
Rubyonrails Rails 5.0.0Rubyonrails Rails 4.2.5Rubyonrails Rails 4.1.7Rubyonrails Rails 4.1.6Rubyonrails Rails 4.1.5Rubyonrails Rails 4.1.1Rubyonrails Rails 4.1.0Rubyonrails Rails 4.0.6Rubyonrails Rails 4.0.1Rubyonrails Rails 4.2.0Rubyonrails Rails 4.1.8Rubyonrails Rails 4.1.2Rubyonrails Rails 4.0.10Rubyonrails Rails 4.0.0Rubyonrails Rails 4.2.4Rubyonrails Rails 4.2.3Rubyonrails Rails 4.1.4Rubyonrails Rails 4.1.3Rubyonrails Rails 4.0.9Rubyonrails Rails 4.0.5Rubyonrails Rails 4.0.4Rubyonrails Rails 4.2.2Rubyonrails Rails 4.2.1Rubyonrails Rails 4.0.8Rubyonrails Rails 4.0.7Rubyonrails Rails 4.0.3Rubyonrails Rails 4.0.2
5.3
CVSSv3
CVE-2016-2097
Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.2 and 4.x before 4.1.14.2 allows remote attackers to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname. NOTE:...
Rubyonrails Rails 4.0.4Rubyonrails Rails 4.1.9Rubyonrails Rails 4.1.4Rubyonrails Rails 4.1.3Rubyonrails Rails 4.1.12Rubyonrails Rails 4.1.10Rubyonrails Rails 4.1.0Rubyonrails Rails 4.0.6Rubyonrails Rails 4.0.5Rubyonrails Rails 4.0.1Rubyonrails Ruby On RailsRubyonrails Rails 4.1.6Rubyonrails Rails 4.1.5Rubyonrails Rails 4.1.14Rubyonrails Rails 4.1.13Rubyonrails Rails 4.0.10Rubyonrails Rails 4.0.0Rubyonrails Rails 4.1.7Rubyonrails Rails 4.1.2Rubyonrails Rails 4.1.1Rubyonrails Rails 4.0.8Rubyonrails Rails 4.0.7Rubyonrails Rails 4.0.3Rubyonrails Rails 4.0.2Rubyonrails Rails 4.1.8Rubyonrails Rails 4.1.7.1Rubyonrails Rails 4.0.9Rubyonrails Ruby On Rails 4.1.14.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
arbitrary CVE-2022-2257CVE-2013-4585CVE-2013-4493CVE-2022-26134brute forceSQLCVE-2022-30333CVE-2022-33327
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook