Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ruby-lang vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-3655
Ruby 1.8.5 and previous versions, 1.8.6 up to and including 1.8.6-p286, 1.8.7 up to and including 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent malicious users to bypass...
Ruby-lang Ruby 1.8.1
Ruby-lang Ruby 1.8.2
Ruby-lang Ruby 1.8.3
Ruby-lang Ruby 1.8.4
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.6.8
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby
Ruby-lang Ruby 1.8.0
2 EDB exploits
7.5
CVSSv2
CVE-2008-3657
The dl module in Ruby 1.8.5 and previous versions, 1.8.6 up to and including 1.8.6-p286, 1.8.7 up to and including 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent malicious users to bypass safe levels and execute da...
Ruby-lang Ruby 1.8.2
Ruby-lang Ruby 1.8.4
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby 1.8.1
Ruby-lang Ruby 1.8.3
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby
Ruby-lang Ruby 1.6.8
Ruby-lang Ruby 1.8.0
1 EDB exploit
7.5
CVSSv2
CVE-2008-2376
Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent malicious users to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greate...
Ruby-lang Ruby 1.8.6.230
7.2
CVSSv2
CVE-2010-2489
Buffer overflow in Ruby 1.9.x prior to 1.9.1-p429 on Windows might allow local users to gain privileges via a crafted ARGF.inplace_mode value that is not properly handled when constructing the filenames of the backup files.
Ruby-lang Ruby 1.9.0-0
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.9.0-1
Ruby-lang Ruby 1.9.0-2
Ruby-lang Ruby 1.9.0-20060415
Ruby-lang Ruby 1.9.0-20070709
6.9
CVSSv2
CVE-2020-8130
There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`.
Ruby-lang Rake
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 30
Opensuse Leap 15.1
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 31
2 Github repositories
6.8
CVSSv2
CVE-2019-16255
Ruby up to and including 2.4.7, 2.5.x up to and including 2.5.6, and 2.6.x up to and including 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to cal...
Ruby-lang Ruby
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Opensuse Leap 15.1
Oracle Graalvm 19.3.0.2
6.8
CVSSv2
CVE-2013-4164
Heap-based buffer overflow in Ruby 1.8, 1.9 prior to 1.9.3-p484, 2.0 prior to 2.0.0-p353, 2.1 prior to 2.1.0 preview2, and trunk before revision 43780 allows context-dependent malicious users to cause a denial of service (segmentation fault) and possibly execute arbitrary code vi...
Ruby-lang Ruby 2.1
Ruby-lang Ruby 2.0.0
Ruby-lang Ruby 1.9
Ruby-lang Ruby 1.9.3
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 1.8
6.8
CVSSv2
CVE-2011-0188
The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and previous versions, as used on Apple Mac OS X prior to 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent malicious users to execute arbitrary code or ...
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 1.9.0-20060415
Ruby-lang Ruby
Ruby-lang Ruby 1.9.0-0
Ruby-lang Ruby 1.9
Ruby-lang Ruby 1.9.0-20070709
Ruby-lang Ruby 1.9.0-1
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby 1.9.0-2
6.8
CVSSv2
CVE-2009-0642
ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSP_basic_verify function, which might allow remote malicious users to successfully present an invalid X.509 certificate, possibly involving a revoked certificate.
Ruby-lang Ruby 1.9
Ruby-lang Ruby 1.8
6.4
CVSSv2
CVE-2019-15845
Ruby up to and including 2.4.7, 2.5.x up to and including 2.5.6, and 2.6.x up to and including 2.6.4 mishandles path checking within File.fnmatch functions.
Ruby-lang Ruby
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »