Find out if you have vulnerabilities that put you at risk

| Severity | Vulnerability | Affects | Type | Published |
|---|---|---|---|---|
| M | Use of Uninitialized Resource | trilogy <2.1.1 | RubyGems | 7 Jun 2022 |
| M | Cross-site Scripting (XSS) | publify_core >=8.0, <9.2.5 | RubyGems | 6 Jun 2022 |
| L | Cross-site Request Forgery (CSRF) | solidus_backend <2.11.16; >=3.0.0, <3.0.6; >=3.1.0, <3.1.6 | RubyGems | 2 Jun 2022 |
| H | Denial of Service (DoS) | rack >=1.2, <2.0.9.1; >=2.1.0, <2.1.4.1; >=2.2.0, <2.2.3.1 | RubyGems | 28 May 2022 |
| C | Arbitrary Code Injection | rack <2.0.9.1; >=2.1.0, <2.1.4.1; >=2.2.0, <2.2.3.1 | RubyGems | 28 May 2022 |
| M | Improper Access Control | publify_core <9.2.9 | RubyGems | 24 May 2022 |
| M | Cross-site Scripting (XSS) | publify_core <9.2.9 | RubyGems | 24 May 2022 |
| H | Improper Handling of Unexpected Data Type | nokogiri <1.13.6 | RubyGems | 20 May 2022 |
| H | Inadequate Encryption Strength | random_password_generator >=0.0.0 | RubyGems | 18 May 2022 |
| M | Cross-site Scripting (XSS) | publify_core <9.2.8 | RubyGems | 17 May 2022 |
| L | Information Exposure | publify_core <9.2.8 | RubyGems | 17 May 2022 |
| L | Improper Access Control | publify_core <9.2.8 | RubyGems | 17 May 2022 |
| M | CSV Injection | csv-safe <3.0.0 | RubyGems | 2 May 2022 |
| H | Improper Input Validation | sinatra <2.2.0 | RubyGems | 2 May 2022 |
| M | Cross-site Scripting (XSS) | actionview <5.2.7.1; >=6.0.0.beta1, <6.0.4.8; >=6.1.0.rc1, <6.1.5.1; >=7.0.0.alpha1, <7.0.2.4 | RubyGems | 27 Apr 2022 |
| M | Cross-site Scripting (XSS) | actionpack >=5.2.0, <5.2.7.1; >=6.0.0.beta1, <6.0.4.8; >=6.1.0.rc1, <6.1.5.1; >=7.0.0.alpha1, <7.0.2.4 | RubyGems | 27 Apr 2022 |
| M | Server-side Request Forgery (SSRF) | gibbon <3.4.4 | RubyGems | 25 Apr 2022 |
| M | SQL Injection | blazer <2.6.0 | RubyGems | 21 Apr 2022 |
| H | Command Injection | git <1.11.0 | RubyGems | 19 Apr 2022 |
| H | Out-of-bounds Write | nokogiri <1.13.4 | RubyGems | 12 Apr 2022 |
| H | Regular Expression Denial of Service (ReDoS) | nokogiri <1.13.4 | RubyGems | 12 Apr 2022 |
| H | Denial of Service (DoS) | nokogiri <1.13.4 | RubyGems | 12 Apr 2022 |
| M | Time-Based One-Time Password (TOTP) Reuse | devise-two-factor <4.0.2 | RubyGems | 10 Apr 2022 |
| M | Denial of Service (DoS) | yajl-ruby <1.4.2 | RubyGems | 6 Apr 2022 |
| H | Command Injection | cocoapods-downloader <1.6.0; >=1.6.2, <1.6.3 | RubyGems | 1 Apr 2022 |
| H | Command Injection | cocoapods-downloader <1.6.2 | RubyGems | 1 Apr 2022 |
| C | Command Injection | asciidoctor-include-ext <0.4.0 | RubyGems | 1 Apr 2022 |
| M | Improper Authorization | smart_proxy_salt >=0.0.0 | RubyGems | 31 Mar 2022 |
| C | HTTP Request Smuggling | puma <4.3.12; >=5.0.0, <5.6.4 | RubyGems | 31 Mar 2022 |
| H | Improper Certificate Validation | kubeclient <4.9.3 | RubyGems | 25 Mar 2022 |