Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rubyonrails rails 4.0.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-6416
Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x prior to 4.0.2 allows remote malicious users to inject arbitrary web script or HTML via a crafted HTML attribute.
Rubyonrails Rails 4.0.0
Rubyonrails Rails
Rubyonrails Rails 4.0.1
NA
CVE-2014-0080
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/cast.rb in Active Record in Ruby on Rails 4.0.x prior to 4.0.3, and 4.1.0.beta1, when PostgreSQL is used, allows remote malicious users to execute "add data" SQL commands via ve...
Rubyonrails Rails 4.0.0
Rubyonrails Rails 4.0.1
Rubyonrails Rails 4.0.2
Rubyonrails Rails 4.1.0
5.3
CVSSv3
CVE-2016-2097
Directory traversal vulnerability in Action View in Ruby on Rails prior to 3.2.22.2 and 4.x prior to 4.1.14.2 allows remote malicious users to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname...
Rubyonrails Ruby On Rails 4.1.14.1
Rubyonrails Ruby On Rails
Rubyonrails Rails 4.0.0
Rubyonrails Rails 4.0.1
Rubyonrails Rails 4.0.2
Rubyonrails Rails 4.0.6
Rubyonrails Rails 4.1.0
Rubyonrails Rails 4.1.2
Rubyonrails Rails 4.1.6
Rubyonrails Rails 4.1.9
Rubyonrails Rails 4.1.10
Rubyonrails Rails 4.1.12
Rubyonrails Rails 4.1.13
Rubyonrails Rails 4.1.14
Rubyonrails Rails 4.0.7
Rubyonrails Rails 4.0.8
Rubyonrails Rails 4.0.9
Rubyonrails Rails 4.1.1
Rubyonrails Rails 4.1.3
Rubyonrails Rails 4.1.4
Rubyonrails Rails 4.1.5
Rubyonrails Rails 4.1.7
7.3
CVSSv3
CVE-2016-2098
Action Pack in Ruby on Rails prior to 3.2.22.2, 4.x prior to 4.1.14.2, and 4.2.x prior to 4.2.5.2 allows remote malicious users to execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method.
Debian Debian Linux 8.0
Rubyonrails Ruby On Rails 4.1.14.1
Rubyonrails Ruby On Rails
Rubyonrails Rails 4.0.0
Rubyonrails Rails 4.0.1
Rubyonrails Rails 4.0.2
Rubyonrails Rails 4.0.6
Rubyonrails Rails 4.1.0
Rubyonrails Rails 4.1.2
Rubyonrails Rails 4.1.6
Rubyonrails Rails 4.1.9
Rubyonrails Rails 4.1.10
Rubyonrails Rails 4.1.12
Rubyonrails Rails 4.1.13
Rubyonrails Rails 4.1.14
Rubyonrails Rails 4.2.0
Rubyonrails Rails 4.2.1
Rubyonrails Rails 4.2.3
Rubyonrails Rails 4.2.4
Rubyonrails Rails 4.2.5
Rubyonrails Rails 4.0.7
Rubyonrails Rails 4.0.8
1 EDB exploit
10 Github repositories
NA
CVE-2014-7818
Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x prior to 3.2.20, 4.0.x prior to 4.0.11, 4.1.x prior to 4.1.7, and 4.2.x prior to 4.2.0.beta3, when serve_static_assets is enabled, allows remote malicious ...
Rubyonrails Ruby On Rails 3.2.19
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.2
Rubyonrails Rails 4.0.0
Rubyonrails Rails 4.0.1
Rubyonrails Rails 4.0.2
Rubyonrails Rails 4.0.6
Rubyonrails Rails 4.1.0
Rubyonrails Rails 4.1.2
Rubyonrails Rails 4.1.6
Rubyonrails Rails 4.2.0
Rubyonrails Rails 4.0.7
Rubyonrails Rails 4.0.8
Rubyonrails Rails 4.0.9
Rubyonrails Rails 4.1.1
Rubyonrails Rails 4.1.3
Rubyonrails Rails 4.1.4
Rubyonrails Rails 4.1.5
Rubyonrails Rails 3.0.10
Rubyonrails Rails 3.0.12
NA
CVE-2014-7829
Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x prior to 3.2.21, 4.0.x prior to 4.0.12, 4.1.x prior to 4.1.8, and 4.2.x prior to 4.2.0.beta4, when serve_static_assets is enabled, allows remote malicious ...
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Rubyonrails Ruby On Rails 3.2.19
Rubyonrails Ruby On Rails 4.0.11
Rubyonrails Ruby On Rails 3.2.20
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.2
Rubyonrails Rails 4.0.0
Rubyonrails Rails 4.0.1
Rubyonrails Rails 4.0.2
Rubyonrails Rails 4.0.6
Rubyonrails Rails 4.1.0
Rubyonrails Rails 4.1.2
Rubyonrails Rails 4.1.6
Rubyonrails Rails 4.2.0
Rubyonrails Rails 4.0.7
Rubyonrails Rails 4.0.8
Rubyonrails Rails 4.0.9
Rubyonrails Rails 4.1.1
NA
CVE-2015-1840
jquery_ujs.js in jquery-rails prior to 3.1.3 and 4.x prior to 4.0.4 and rails.js in jquery-ujs prior to 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote malicious users to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web...
Fedoraproject Fedora 22
Fedoraproject Fedora 21
Rubyonrails Jquery-rails 4.0.0
Rubyonrails Jquery-rails
Rubyonrails Jquery-rails 4.0.1
Rubyonrails Jquery-ujs
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started