Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
drew vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-49768
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Stored XSS.This issue affects WP-FormAssembly: from n/a up to and including 2.0.10.
NA
CVE-2011-1004
The FileUtils.remove_entry_secure method in Ruby 1.8.6 up to and including 1.8.6-420, 1.8.7 up to and including 1.8.7-330, 1.8.8dev, 1.9.1 up to and including 1.9.1-430, 1.9.2 up to and including 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink a...
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 1.9.3
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.8
Ruby-lang Ruby 1.9.1
NA
CVE-2008-4225
Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent malicious users to cause a denial of service (infinite loop) via a large XML document.
Xmlsoft Libxml 2.7.2
NA
CVE-2010-0541
Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8, and 10.6 prior to 10.6.4, allows remote malicious users to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page.
Apple Mac Os X 10.6.2
Apple Mac Os X Server 10.6.0
Apple Mac Os X 10.6.0
Apple Mac Os X 10.6.1
Apple Mac Os X Server 10.6.3
Apple Mac Os X 10.6.3
Apple Mac Os X Server 10.5.8
Apple Mac Os X 10.5.8
Apple Mac Os X Server 10.6.1
Apple Mac Os X Server 10.6.2
NA
CVE-2008-4226
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
Xmlsoft Libxml 2.7.2
NA
CVE-2011-2705
The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby prior to 1.8.7-p352 and 1.9.x prior to 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent malicious users to predict the result string by leveraging knowledge of ran...
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby
Ruby-lang Ruby 1.8.7-p21
Ruby-lang Ruby 1.8.7-173
Ruby-lang Ruby 1.8.7-160
Ruby-lang Ruby 1.8.7-330
Ruby-lang Ruby 1.8.7-249
Ruby-lang Ruby 1.8.7-248
Ruby-lang Ruby 1.8.7-302
Ruby-lang Ruby 1.8.7-299
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby 1.9.0-2
Ruby-lang Ruby 1.9.0-20070709
Ruby-lang Ruby 1.9.0-1
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 1.9.2-p180
Ruby-lang Ruby 1.9
Ruby-lang Ruby 1.9.0-0
Ruby-lang Ruby 1.9.2-p136
Ruby-lang Ruby 1.9.0-20060415
NA
CVE-2009-1722
Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
Openexr Openexr 1.2.2
NA
CVE-2011-2686
Ruby prior to 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent malicious users to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a related issue to CVE-2...
Ruby-lang Ruby 1.8.7-302
Ruby-lang Ruby 1.8.7-249
Ruby-lang Ruby 1.8.7-299
Ruby-lang Ruby
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.7-330
Ruby-lang Ruby 1.8.7-160
Ruby-lang Ruby 1.8.7-173
Ruby-lang Ruby 1.8.7-p21
Ruby-lang Ruby 1.8.7-248
NA
CVE-2009-1721
The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of an uninitialized pointer.
Openexr Openexr 1.2.2
Openexr Openexr 1.6.1
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
Opensuse Opensuse 10.0
Apple Mac Os X
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Fedoraproject Fedora 11
Fedoraproject Fedora 10
NA
CVE-2011-0188
The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and previous versions, as used on Apple Mac OS X prior to 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent malicious users to execute arbitrary code or ...
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 1.9.0-20060415
Ruby-lang Ruby
Ruby-lang Ruby 1.9.0-0
Ruby-lang Ruby 1.9
Ruby-lang Ruby 1.9.0-20070709
Ruby-lang Ruby 1.9.0-1
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby 1.9.0-2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »