Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rubyonrails rails 4.1.6 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2015-3227
The (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby on Rails prior to 4.1.11 and 4.2.x prior to 4.2.2, when JDOM or REXML is enabled, allow remote malicious users to cause a denial of service (SystemStackError) via a large XML document depth.
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Rubyonrails Rails 4.1.2
Rubyonrails Rails 4.1.6
Rubyonrails Rails 4.2.0
Rubyonrails Rails 4.2.1
Rubyonrails Rails 4.1.1
Rubyonrails Rails 4.1.3
Rubyonrails Rails 4.1.4
Rubyonrails Rails 4.1.5
Rubyonrails Rails 4.1.7
Rubyonrails Rails 4.1.8
Rubyonrails Rails 4.1.0
383
VMScore
CVE-2015-3226
Cross-site scripting (XSS) vulnerability in json/encoding.rb in Active Support in Ruby on Rails 3.x and 4.1.x prior to 4.1.11 and 4.2.x prior to 4.2.2 allows remote malicious users to inject arbitrary web script or HTML via a crafted Hash that is mishandled during JSON encoding.
Rubyonrails Ruby On Rails 3.2.14
Rubyonrails Rails 3.0.0
Rubyonrails Rails 4.1.2
Rubyonrails Rails 4.1.6
Rubyonrails Rails 4.2.0
Rubyonrails Rails 4.2.1
Rubyonrails Rails 4.1.1
Rubyonrails Rails 4.1.3
Rubyonrails Rails 4.1.4
Rubyonrails Rails 4.1.5
Rubyonrails Rails 4.1.7
Rubyonrails Rails 4.1.8
Rubyonrails Rails 3.1.0
Rubyonrails Rails 3.2.0
Rubyonrails Rails 3.2.7
Rubyonrails Rails 3.2.8
Rubyonrails Rails 3.2.9
Rubyonrails Rails 3.2.13
Rubyonrails Rails 3.2.15
Rubyonrails Rails 3.2.1
Rubyonrails Rails 3.2.5
Rubyonrails Rails 3.2.6
445
VMScore
CVE-2016-2097
Directory traversal vulnerability in Action View in Ruby on Rails prior to 3.2.22.2 and 4.x prior to 4.1.14.2 allows remote malicious users to read arbitrary files by leveraging an application's unrestricted use of the render method and providing a .. (dot dot) in a pathname...
Rubyonrails Ruby On Rails 4.1.14.1
Rubyonrails Ruby On Rails
Rubyonrails Rails 4.0.0
Rubyonrails Rails 4.0.1
Rubyonrails Rails 4.0.2
Rubyonrails Rails 4.0.6
Rubyonrails Rails 4.1.0
Rubyonrails Rails 4.1.2
Rubyonrails Rails 4.1.6
Rubyonrails Rails 4.1.9
Rubyonrails Rails 4.1.10
Rubyonrails Rails 4.1.12
Rubyonrails Rails 4.1.13
Rubyonrails Rails 4.1.14
Rubyonrails Rails 4.0.7
Rubyonrails Rails 4.0.8
Rubyonrails Rails 4.0.9
Rubyonrails Rails 4.1.1
Rubyonrails Rails 4.1.3
Rubyonrails Rails 4.1.4
Rubyonrails Rails 4.1.5
Rubyonrails Rails 4.1.7
758
VMScore
CVE-2016-2098
Action Pack in Ruby on Rails prior to 3.2.22.2, 4.x prior to 4.1.14.2, and 4.2.x prior to 4.2.5.2 allows remote malicious users to execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method.
Debian Debian Linux 8.0
Rubyonrails Ruby On Rails 4.1.14.1
Rubyonrails Ruby On Rails
Rubyonrails Rails 4.0.0
Rubyonrails Rails 4.0.1
Rubyonrails Rails 4.0.2
Rubyonrails Rails 4.0.6
Rubyonrails Rails 4.1.0
Rubyonrails Rails 4.1.2
Rubyonrails Rails 4.1.6
Rubyonrails Rails 4.1.9
Rubyonrails Rails 4.1.10
Rubyonrails Rails 4.1.12
Rubyonrails Rails 4.1.13
Rubyonrails Rails 4.1.14
Rubyonrails Rails 4.2.0
Rubyonrails Rails 4.2.1
Rubyonrails Rails 4.2.3
Rubyonrails Rails 4.2.4
Rubyonrails Rails 4.2.5
Rubyonrails Rails 4.0.7
Rubyonrails Rails 4.0.8
1 EDB exploit
10 Github repositories
384
VMScore
CVE-2014-7818
Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x prior to 3.2.20, 4.0.x prior to 4.0.11, 4.1.x prior to 4.1.7, and 4.2.x prior to 4.2.0.beta3, when serve_static_assets is enabled, allows remote malicious ...
Rubyonrails Ruby On Rails 3.2.19
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.2
Rubyonrails Rails 4.0.0
Rubyonrails Rails 4.0.1
Rubyonrails Rails 4.0.2
Rubyonrails Rails 4.0.6
Rubyonrails Rails 4.1.0
Rubyonrails Rails 4.1.2
Rubyonrails Rails 4.1.6
Rubyonrails Rails 4.2.0
Rubyonrails Rails 4.0.7
Rubyonrails Rails 4.0.8
Rubyonrails Rails 4.0.9
Rubyonrails Rails 4.1.1
Rubyonrails Rails 4.1.3
Rubyonrails Rails 4.1.4
Rubyonrails Rails 4.1.5
Rubyonrails Rails 3.0.10
Rubyonrails Rails 3.0.12
446
VMScore
CVE-2014-7829
Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x prior to 3.2.21, 4.0.x prior to 4.0.12, 4.1.x prior to 4.1.8, and 4.2.x prior to 4.2.0.beta4, when serve_static_assets is enabled, allows remote malicious ...
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Rubyonrails Ruby On Rails 3.2.19
Rubyonrails Ruby On Rails 4.0.11
Rubyonrails Ruby On Rails 3.2.20
Rubyonrails Ruby On Rails 3.0.4
Rubyonrails Rails 3.0.0
Rubyonrails Rails 3.0.1
Rubyonrails Rails 3.0.2
Rubyonrails Rails 4.0.0
Rubyonrails Rails 4.0.1
Rubyonrails Rails 4.0.2
Rubyonrails Rails 4.0.6
Rubyonrails Rails 4.1.0
Rubyonrails Rails 4.1.2
Rubyonrails Rails 4.1.6
Rubyonrails Rails 4.2.0
Rubyonrails Rails 4.0.7
Rubyonrails Rails 4.0.8
Rubyonrails Rails 4.0.9
Rubyonrails Rails 4.1.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started