rubygems

965 tracked vulnerabilities.

CVE-2014-10075 CRITICAL
karo 2.3.8 - Remote Command Injection via Host Field
Oct 05, 2018
CVSS 9.8
EPSS 0.04
CVE-2014-0014 MEDIUM
Ember.js <1.0.1-<1.4.0-beta.2 - XSS
Feb 15, 2018
CVSS 5.4
EPSS 0.01
CVE-2014-0013 MEDIUM
Ember.js <1.0.1, <1.1.3, <1.2.1, <1.3.1, <1.4.0-beta.2 - XSS
Feb 15, 2018
CVSS 5.4
EPSS 0.01
CVE-2014-1835 HIGH
echor 0.1.6 - Local Credential Exposure via Process Table
Feb 02, 2018
CVSS 7.8
EPSS 0.00
CVE-2014-1834 HIGH
echor 0.1.6 - OS Command Injection via Username or Password Parameter
Feb 02, 2018
CVSS 7.8
EPSS 0.00
CVE-2014-5004 HIGH
brbackup 0.1.1 - Exposure of Sensitive Information via MySQL Command Line
Jan 10, 2018
CVSS 7.8
EPSS 0.00
CVE-2014-5003 MEDIUM
ciborg 3.0.0 - Privilege Escalation
Jan 10, 2018
CVSS 5.5
EPSS 0.00
CVE-2014-5002 HIGH
lynx < 1.0.0 - Password Exposure via Command Line
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-5001 HIGH
Ksymfony1.rb <2.1.6 - Info Disclosure
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-5000 HIGH
lawn-login <0.0.7 - Info Disclosure
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-4999 HIGH
kajam 1.0.3.rc2 - Exposure of Sensitive Information via MySQL Command Line
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-4998 HIGH
lean-ruport 0.3.8 - Info Disclosure
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-4997 HIGH
point-cli gem 0.0.1 - Info Disclosure
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-4996 MEDIUM
VladTheEnterprising gem 0.2 - Local File Write
Jan 10, 2018
CVSS 5.5
EPSS 0.00
CVE-2014-4995 HIGH
VladTheEnterprising 0.2 - Info Disclosure
Jan 10, 2018
CVSS 7.0
EPSS 0.00
CVE-2014-4994 MEDIUM
gyazo 1.0.0-2.0.0 - Arbitrary File Write via Symlink Attack on Temporary File
Jan 10, 2018
CVSS 5.5
EPSS 0.00
CVE-2014-4993 HIGH
backup-agoddard and backup_checksum - Local Credential Exposure via OpenSSL Command Line
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-4992 HIGH
cap-strap 0.1.5 - Exposure of Sensitive Information via Useradd Command Line
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-4991 HIGH
codders-dataset <1.3.2.1 - Info Disclosure
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-9489 HIGH
gollum <3.1.1 and gollum-lib <4.0.1 - Authenticated RCE
Oct 17, 2017
CVSS 8.8
EPSS 0.02
CVE-2014-1832
Phusion Passenger 4.0.37 - Local Privilege Escalation
Feb 19, 2015
EPSS 0.00
CVE-2014-1831
Phusion Passenger <4.0.37 - Local Privilege Escalation
Feb 19, 2015
EPSS 0.00
CVE-2014-9490
raven-ruby < 0.12.2 - Denial of Service via Large Exponent in Scientific Number
Jan 20, 2015
EPSS 0.02
CVE-2014-8144
doorkeeper < 1.4.1 - Cross-Site Request Forgery
Dec 31, 2014
EPSS 0.01
CVE-2014-7829
Opensuse < 4.1.8 - Path Traversal
Nov 18, 2014
EPSS 0.04