Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drew vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-49768
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Stored XSS.This issue affects WP-FormAssembly: from n/a up to and including 2.0.10.
561
VMScore
CVE-2011-1004
The FileUtils.remove_entry_secure method in Ruby 1.8.6 up to and including 1.8.6-420, 1.8.7 up to and including 1.8.7-330, 1.8.8dev, 1.9.1 up to and including 1.9.1-430, 1.9.2 up to and including 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink a...
Ruby-lang Ruby 1.9.3
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.8
Ruby-lang Ruby 1.8.6
694
VMScore
CVE-2008-4225
Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent malicious users to cause a denial of service (infinite loop) via a large XML document.
Xmlsoft Libxml 2.7.2
383
VMScore
CVE-2010-0541
Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 prior to 10.6.4, allows remote malicious users to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page.
Apple Mac Os X 10.5.8
Apple Mac Os X Server 10.5.8
Apple Mac Os X Server 10.6.3
Apple Mac Os X 10.6.3
Apple Mac Os X Server 10.6.1
Apple Mac Os X Server 10.6.2
Apple Mac Os X 10.6.1
Apple Mac Os X Server 10.6.0
Apple Mac Os X 10.6.0
Apple Mac Os X 10.6.2
890
VMScore
CVE-2008-4226
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
Xmlsoft Libxml 2.7.2
445
VMScore
CVE-2011-2705
The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby prior to 1.8.7-p352 and 1.9.x prior to 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent malicious users to predict the result string by leveraging knowledge of ran...
Ruby-lang Ruby 1.8.7-302
Ruby-lang Ruby 1.8.7-249
Ruby-lang Ruby 1.8.7-299
Ruby-lang Ruby
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.7-330
Ruby-lang Ruby 1.8.7-160
Ruby-lang Ruby 1.8.7-173
Ruby-lang Ruby 1.8.7-p21
Ruby-lang Ruby 1.8.7-248
Ruby-lang Ruby 1.9.0-0
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby 1.9.0-1
Ruby-lang Ruby 1.9.0-20070709
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 1.9.0-20060415
Ruby-lang Ruby 1.9
Ruby-lang Ruby 1.9.0-2
Ruby-lang Ruby 1.9.2-p180
Ruby-lang Ruby 1.9.2-p136
605
VMScore
CVE-2009-1722
Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
Openexr Openexr 1.2.2
445
VMScore
CVE-2011-2686
Ruby prior to 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent malicious users to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2...
Ruby-lang Ruby 1.8.7-302
Ruby-lang Ruby 1.8.7-249
Ruby-lang Ruby 1.8.7-299
Ruby-lang Ruby
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.7-330
Ruby-lang Ruby 1.8.7-160
Ruby-lang Ruby 1.8.7-173
Ruby-lang Ruby 1.8.7-p21
Ruby-lang Ruby 1.8.7-248
605
VMScore
CVE-2009-1721
The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of an uninitialized pointer.
Openexr Openexr 1.2.2
Openexr Openexr 1.6.1
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
Opensuse Opensuse 10.0
Apple Mac Os X
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Fedoraproject Fedora 11
Fedoraproject Fedora 10
605
VMScore
CVE-2011-0188
The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and previous versions, as used on Apple Mac OS X prior to 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent malicious users to execute arbitrary code or ...
Ruby-lang Ruby
Ruby-lang Ruby 1.9
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby 1.9.0-0
Ruby-lang Ruby 1.9.0-1
Ruby-lang Ruby 1.9.0-2
Ruby-lang Ruby 1.9.0-20060415
Ruby-lang Ruby 1.9.0-20070709
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.9.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »