Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ruby vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2011-5331
Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval.
Distributed Ruby Project Distributed Ruby 1.8
668
VMScore
CVE-2019-18841
Chartkick.js 3.1.0 up to and including 3.1.3, as used in the Chartkick gem prior to 3.3.0 for Ruby, allows prototype pollution.
Chartkick Chartkick.js
668
VMScore
CVE-2010-2446
Rbot Reaction plugin allows command execution
Ruby-rbot Rbot -
668
VMScore
CVE-2019-17383
The netaddr gem prior to 2.0.4 for Ruby has misconfigured file permissions, such that a gem install may result in 0777 permissions in the target filesystem.
Netaddr Project Netaddr
668
VMScore
CVE-2019-16377
The makandra consul gem up to and including 1.0.2 for Ruby has Incorrect Access Control.
Makandra Consul
668
VMScore
CVE-2019-15224
The rest-client gem 1.6.10 up to and including 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions <=1.6.9 and >=1.6.14 are unaffected.
Rest-client Project Rest-client
1 Article
668
VMScore
CVE-2019-5477
A command injection vulnerability in Nokogiri v1.10.3 and previous versions allows commands to be executed in a subprocess via Ruby's `Kernel.open` method. Processes are vulnerable only if the undocumented method `Nokogiri::CSS::Tokenizer#load_file` is being called with unsa...
Nokogiri Nokogiri
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Debian Debian Linux 10.0
1 Github repository
668
VMScore
CVE-2019-14281
The datagrid gem 1.0.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.
Datagrid Project Datagrid 1.0.6
668
VMScore
CVE-2019-14282
The simple_captcha2 gem 0.2.3 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party.
Simple Captcha2 Project Simple Captcha2 0.2.3
668
VMScore
CVE-2019-13589
The paranoid2 gem 1.1.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.1.5.
Anjlab Paranoid2 1.1.6
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »