Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / rubygems

rubygems

954 tracked vulnerabilities.

omniauth-facebook 1.4.1-1.5.0 - Cross-Site Request Forgery via State Parameter

fog-dragonfly 0.8.2 - Remote Code Execution

BaseSpace Ruby SDK 0.1.7 - Info Disclosure

show_in_browser gem 0.0.3 - Symlink Attack via /tmp/browser.html

wicked < 1.0.1 - Path Traversal via Step Parameter

Phusion Passenger < 3.0.21 and 4.0.x < 4.0.5 - Denial of Service and Privilege Escalation via Temporary Config File

Fat Free CRM <0.12.1 - Info Disclosure

Fat Free CRM <0.12.1 - SQL Injection

Fat Free CRM <0.12.1 - Info Disclosure

Fat Free CRM < 0.12.1 - Cross-Site Request Forgery

Fat Free CRM <0.12.1 - Info Disclosure

will_paginate < 3.0.5 - Cross-Site Scripting via Pagination Links

Webbynode <1.0.5.3 - Command Injection

sprout 0.7.246 - OS Command Injection via Archive Filename or Path

Fedora < 2.2.1 - Resource Management Error

Sup < 0.13.2.1 and 0.14.x < 0.14.1.1 - Remote Code Execution via Email Attachment Content-Type

sup < 0.13.2.1 and 0.14.x < 0.14.1.1 - Remote Code Execution via Email Attachment Filename

Ruby on Rails 3.x < 3.2.16 and 4.x < 4.0.2 - SQL Query Manipulation via JSON Parameter Handling

Ruby on Rails < 4.0.2 - Cross-Site Scripting via simple_format Helper

Ruby on Rails < 3.2.16 and 4.x < 4.0.2 - Cross-Site Scripting via number_to_currency Helper Unit Parameter

Ruby on Rails 3.x < 3.2.16 and 4.x < 4.0.2 - Denial of Service via Invalid MIME Type Header

I18n < 0.6.5 - XSS

Ruby on Rails 3.x < 3.2.16 and 4.x < 4.0.2 - Cross-Site Scripting via i18n Fallback String

Cocaine gem 0.4.0-0.5.2 - OS Command Injection via Recursive Variable Interpolation

RubyGems < 1.8.23.2, 1.8.24-1.8.26, 2.0.x < 2.0.10, 2.1.x < 2.1.5 - Denial of Service via Version Regex Backtracking

Previous Page 33 of 39 Next

Products

actionpack 63 rack 50 nokogiri 34 rubygems 25 rubygems-update 25 activerecord 23 puppet 23 activesupport 17 publify_core 15 passenger 14 rails-html-sanitizer 14 actionview 13 decidim 12 puma 12 camaleon_cms 11 fat_free_crm 11 rails 11 activestorage 10 ruby-saml 10 jquery-rails 9 openc3 8 rexml 8 bootstrap 7 bootstrap-sass 7 jquery-ui-rails 7 katello 7 lodash-rails 7 net-imap 7 spree 7 avo 6

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy