Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / rubygems

rubygems

954 tracked vulnerabilities.

CVE-2024-56733 MEDIUM

Password Pusher <1.50.3 - Info Disclosure

CVE-2024-54133 LOW

Action Pack <7.0.8.7, <7.1.5.1, <7.2.2.1, <8.0.0.1 - XSS

CVE-2024-53988 MEDIUM

rails-html-sanitizer 1.6.0 - Cross-Site Scripting via Allowed Math and Style Elements

CVE-2024-53987 MEDIUM

rails-html-sanitizer 1.6.0 - Cross-Site Scripting via Style Element Injection

CVE-2024-53986 MEDIUM

rails-html-sanitizer 1.6.0 - Cross-Site Scripting via HTML5 Sanitization with Allowed math and style Elements

CVE-2024-53985 MEDIUM

Rails::HTML::Sanitizer <1.16.8 - XSS

CVE-2024-53989 MEDIUM

rails-html-sanitizer 1.6.0 - Cross-Site Scripting via Noscript Tag Override

CVE-2024-52796 MEDIUM

Rubygems Pwpush < 1.49.0 - Resource Allocation Without Limits

CVE-2024-45594 HIGH

Decidim 0.28.0-0.28.2 - Cross-Site Scripting via Meeting Embed URL

CVE-2024-43415 CRITICAL

decidim-decidim_awesome 0.9.1-0.10.2 and 0.11.0-0.11.1 - Authenticated SQL Injection in papertrail/version Model

CVE-2024-21510 MEDIUM

sinatra < 4.1.0 - Open Redirect via X-Forwarded-Host Header

CVE-2024-49771 MEDIUM

MPXJ 8.3.5-13.5.0 - Path Traversal

CVE-2024-49761 HIGH

REXML < 3.3.9 - Inefficient Regular Expression Complexity in Hex Numeric Character Reference Parsing

CVE-2024-49376 HIGH

Autolab <3.0.0 - Privilege Escalation

CVE-2024-48652 MEDIUM

camaleon_cms 2.7.5 - Stored Cross-Site Scripting via Content Group Name Field

CVE-2024-47889 MEDIUM

Rubygems Actionmailer < 6.1.7.9 - Denial of Service

CVE-2024-47888 MEDIUM

Rubygems Actiontext < 6.1.7.9 - Denial of Service

CVE-2024-47887 MEDIUM

Rubygems Actionpack < 6.1.7.9 - Denial of Service

CVE-2024-41128 MEDIUM

Rubygems Actionpack < 6.1.7.9 - Resource Allocation Without Limits

CVE-2024-47529 MEDIUM

OpenC3 COSMOS < 5.19.0 - Cleartext Storage of Sensitive Information in LocalStorage

CVE-2024-46977 MEDIUM

OpenC3 COSMOS < 5.19.0 - Authenticated Path Traversal via LocalMode open_local_file

CVE-2024-43795 MEDIUM

OpenC3 COSMOS < 5.19.0 - Reflected Cross-Site Scripting in Login Functionality

CVE-2024-41673 HIGH

Decidim < 0.27.8 - Cross-Site Scripting via Malformed URL in Version Control Feature

CVE-2024-46488 MEDIUM

sqlite-vec 0.1.1 - Heap-based Buffer Overflow via npy_token_next

WEBrick toolkit <1.8.1 - HTTP Request Smuggling

Previous Page 6 of 39 Next

Products

actionpack 63 rack 50 nokogiri 34 rubygems 25 rubygems-update 25 activerecord 23 puppet 23 activesupport 17 publify_core 15 passenger 14 rails-html-sanitizer 14 actionview 13 decidim 12 puma 12 camaleon_cms 11 fat_free_crm 11 rails 11 activestorage 10 ruby-saml 10 jquery-rails 9 openc3 8 rexml 8 bootstrap 7 bootstrap-sass 7 jquery-ui-rails 7 katello 7 lodash-rails 7 net-imap 7 spree 7 avo 6

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy