rubygems
965 tracked vulnerabilities.
CVE-2014-10075
CRITICAL
karo 2.3.8 - Remote Command Injection via Host Field
Oct 05, 2018
CVSS 9.8
EPSS 0.04
CVE-2014-0014
MEDIUM
Ember.js <1.0.1-<1.4.0-beta.2 - XSS
Feb 15, 2018
CVSS 5.4
EPSS 0.01
CVE-2014-0013
MEDIUM
Ember.js <1.0.1, <1.1.3, <1.2.1, <1.3.1, <1.4.0-beta.2 - XSS
Feb 15, 2018
CVSS 5.4
EPSS 0.01
CVE-2014-1835
HIGH
echor 0.1.6 - Local Credential Exposure via Process Table
Feb 02, 2018
CVSS 7.8
EPSS 0.00
CVE-2014-1834
HIGH
echor 0.1.6 - OS Command Injection via Username or Password Parameter
Feb 02, 2018
CVSS 7.8
EPSS 0.00
CVE-2014-5004
HIGH
brbackup 0.1.1 - Exposure of Sensitive Information via MySQL Command Line
Jan 10, 2018
CVSS 7.8
EPSS 0.00
CVE-2014-5003
MEDIUM
ciborg 3.0.0 - Privilege Escalation
Jan 10, 2018
CVSS 5.5
EPSS 0.00
CVE-2014-5002
HIGH
lynx < 1.0.0 - Password Exposure via Command Line
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-5001
HIGH
Ksymfony1.rb <2.1.6 - Info Disclosure
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-5000
HIGH
lawn-login <0.0.7 - Info Disclosure
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-4999
HIGH
kajam 1.0.3.rc2 - Exposure of Sensitive Information via MySQL Command Line
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-4998
HIGH
lean-ruport 0.3.8 - Info Disclosure
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-4997
HIGH
point-cli gem 0.0.1 - Info Disclosure
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-4996
MEDIUM
VladTheEnterprising gem 0.2 - Local File Write
Jan 10, 2018
CVSS 5.5
EPSS 0.00
CVE-2014-4995
HIGH
VladTheEnterprising 0.2 - Info Disclosure
Jan 10, 2018
CVSS 7.0
EPSS 0.00
CVE-2014-4994
MEDIUM
gyazo 1.0.0-2.0.0 - Arbitrary File Write via Symlink Attack on Temporary File
Jan 10, 2018
CVSS 5.5
EPSS 0.00
CVE-2014-4993
HIGH
backup-agoddard and backup_checksum - Local Credential Exposure via OpenSSL Command Line
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-4992
HIGH
cap-strap 0.1.5 - Exposure of Sensitive Information via Useradd Command Line
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-4991
HIGH
codders-dataset <1.3.2.1 - Info Disclosure
Jan 10, 2018
CVSS 7.8
EPSS 0.01
CVE-2014-9489
HIGH
gollum <3.1.1 and gollum-lib <4.0.1 - Authenticated RCE
Oct 17, 2017
CVSS 8.8
EPSS 0.02
CVE-2014-1832
Phusion Passenger 4.0.37 - Local Privilege Escalation
Feb 19, 2015
EPSS 0.00
CVE-2014-1831
Phusion Passenger <4.0.37 - Local Privilege Escalation
Feb 19, 2015
EPSS 0.00
CVE-2014-9490
raven-ruby < 0.12.2 - Denial of Service via Large Exponent in Scientific Number
Jan 20, 2015
EPSS 0.02
CVE-2014-8144
doorkeeper < 1.4.1 - Cross-Site Request Forgery
Dec 31, 2014
EPSS 0.01
CVE-2014-7829
Opensuse < 4.1.8 - Path Traversal
Nov 18, 2014
EPSS 0.04
Products
actionpack 63
rack 50
nokogiri 34
rubygems 25
rubygems-update 25
activerecord 23
puppet 23
activesupport 17
publify_core 15
passenger 14
rails-html-sanitizer 14
actionview 13
decidim 12
puma 12
camaleon_cms 11
fat_free_crm 11
rails 11
activestorage 10
net-imap 10
ruby-saml 10
jquery-rails 9
katello 8
openc3 8
rexml 8
bootstrap 7
bootstrap-sass 7
jquery-ui-rails 7
lodash-rails 7
spree 7
avo 6
Quick Filters