Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ruby-lang ruby 1.9 vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2008-3657
The dl module in Ruby 1.8.5 and previous versions, 1.8.6 up to and including 1.8.6-p286, 1.8.7 up to and including 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent malicious users to bypass safe levels and execute da...
Ruby-lang Ruby 1.8.2
Ruby-lang Ruby 1.8.4
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby 1.8.1
Ruby-lang Ruby 1.8.3
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby
Ruby-lang Ruby 1.6.8
Ruby-lang Ruby 1.8.0
1 EDB exploit
785
VMScore
CVE-2008-3656
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and previous versions, 1.8.6 up to and including 1.8.6-p286, 1.8.7 up to and including 1.8.7-p71, and 1.9 through r18423 allows...
Ruby-lang Ruby 1.8.1
Ruby-lang Ruby 1.8.2
Ruby-lang Ruby 1.8.3
Ruby-lang Ruby 1.8.4
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.9.0
Ruby-lang Ruby 1.6.8
Ruby-lang Ruby 1.8.0
Ruby-lang Ruby
1 EDB exploit
505
VMScore
CVE-2008-3443
The regular expression engine (regex.c) in Ruby 1.8.5 and previous versions, 1.8.6 up to and including 1.8.6-p286, 1.8.7 up to and including 1.8.7-p71, and 1.9 through r18423 allows remote malicious users to cause a denial of service (infinite loop and crash) via multiple long re...
Ruby-lang Ruby 1.8.1
Ruby-lang Ruby 1.8.2
Ruby-lang Ruby 1.8.4
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby 1.8.0
Ruby-lang Ruby 1.8.3
Ruby-lang Ruby 1.6.8
Ruby-lang Ruby 1.9.0
1 EDB exploit
516
VMScore
CVE-2008-3905
resolv.rb in Ruby 1.8.5 and previous versions, 1.8.6 prior to 1.8.6-p287, 1.8.7 prior to 1.8.7-p72, and 1.9 r18423 and previous versions uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote malicious users to spoof DNS respo...
Ruby-lang Ruby 1.8.3
Ruby-lang Ruby 1.8.4
Ruby-lang Ruby 1.8.6
Ruby-lang Ruby 1.8.7
Ruby-lang Ruby
Ruby-lang Ruby 1.8.1
Ruby-lang Ruby 1.8.2
Ruby-lang Ruby 1.6.8
Ruby-lang Ruby 1.8.0
Ruby-lang Ruby 1.6
641
VMScore
CVE-2010-2489
Buffer overflow in Ruby 1.9.x prior to 1.9.1-p429 on Windows might allow local users to gain privileges via a crafted ARGF.inplace_mode value that is not properly handled when constructing the filenames of the backup files.
Ruby-lang Ruby 1.9.0-0
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.9.0-1
Ruby-lang Ruby 1.9.0-2
Ruby-lang Ruby 1.9.0-20060415
Ruby-lang Ruby 1.9.0-20070709
785
VMScore
CVE-2008-4310
httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterprise Linux 4 and 5, allows remote malicious users to cause a denial of service (CPU consumption) via a crafted HTTP request. NOTE: this issue exists because of an incomplete fix for CVE-2008-3656.
Ruby-lang Ruby 1.8.5
Ruby-lang Ruby 1.8.1
1 EDB exploit
445
VMScore
CVE-2015-3900
RubyGems 2.0.x prior to 2.0.16, 2.2.x prior to 2.2.4, and 2.4.x prior to 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote malicious users to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a "DNS hij...
Ruby-lang Ruby 2.1.1
Ruby-lang Ruby 2.1.2
Ruby-lang Ruby 1.9.3
Ruby-lang Ruby 2.0.0
Ruby-lang Ruby 2.1
Ruby-lang Ruby 1.9.1
Ruby-lang Ruby 1.9.2
Ruby-lang Ruby 2.1.5
Ruby-lang Ruby 2.2.0
Ruby-lang Ruby 1.9
Ruby-lang Ruby 2.1.3
Ruby-lang Ruby 2.1.4
Rubygems Rubygems 2.0.1
Rubygems Rubygems 2.0.2
Rubygems Rubygems 2.0.3
Rubygems Rubygems 2.0.10
Rubygems Rubygems 2.0.11
Rubygems Rubygems 2.2.2
Rubygems Rubygems 2.2.3
Rubygems Rubygems 2.0.4
Rubygems Rubygems 2.0.5
Rubygems Rubygems 2.0.12
1 Github repository
1 Article
505
VMScore
CVE-2008-1145
Directory traversal vulnerability in WEBrick in Ruby 1.8 prior to 1.8.5-p115 and 1.8.6-p114, and 1.9 up to and including 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote malicious users to access arbitrary f...
Ruby-lang Webrick -
Fedoraproject Fedora 8
Fedoraproject Fedora 7
1 EDB exploit
383
VMScore
CVE-2013-4363
Algorithmic complexity vulnerability in Gem::Version::ANCHORED_VERSION_PATTERN in lib/rubygems/version.rb in RubyGems prior to 1.8.23.2, 1.8.24 up to and including 1.8.26, 2.0.x prior to 2.0.10, and 2.1.x prior to 2.1.5, as used in Ruby 1.9.0 up to and including 2.0.0p247, allows...
Rubygems Rubygems 2.1.4
Rubygems Rubygems
Rubygems Rubygems 2.0.2
Rubygems Rubygems 2.0.3
Rubygems Rubygems 1.8.24
Rubygems Rubygems 1.8.25
Rubygems Rubygems 1.8.13
Rubygems Rubygems 1.8.14
Rubygems Rubygems 1.8.21
Rubygems Rubygems 1.8.22
Rubygems Rubygems 1.8.9
Rubygems Rubygems 2.1.0
Rubygems Rubygems 2.0.0
Rubygems Rubygems 2.0.4
Rubygems Rubygems 2.0.5
Rubygems Rubygems 1.8.26
Rubygems Rubygems 1.8.0
Rubygems Rubygems 1.8.15
Rubygems Rubygems 1.8.16
Rubygems Rubygems 1.8.17
Rubygems Rubygems 1.8.3
Rubygems Rubygems 1.8.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2