| SEVERITY | VULNERABILITY | AFFECTS | TYPE | PUBLISHED |
|---|---|---|---|---|
| H | Arbitrary Code Injection | activestorage >=5.2.0, <5.2.6.3; >=6.0.0, <6.0.4.7; >=6.1.0, <6.1.4.7; >=7.0.0, <7.0.2.3 | RubyGems | 9 Mar 2022 |
| H | Integer Overflow or Wraparound | commonmarker <0.23.4 | RubyGems | 4 Mar 2022 |
| M | Cross-site Scripting (XSS) | view_component >=2.31.0, <2.31.2; >=2.32.0, <2.49.1 | RubyGems | 3 Mar 2022 |
| C | Arbitrary Code Execution | image_processing <1.12.2 | RubyGems | 2 Mar 2022 |
| H | Use After Free | nokogiri <1.13.2 | RubyGems | 23 Feb 2022 |
| H | Information Exposure | actionpack <5.2.6.2; >=6.0.0.0, <6.0.4.6; >=6.1.0.0, <6.1.4.6; >=7.0.0.0, <7.0.2.2 | RubyGems | 13 Feb 2022 |
| H | Information Exposure | puma <4.3.11; >=5.0.0, <5.6.2 | RubyGems | 13 Feb 2022 |
| H | Improper Certificate Validation | qpid_proton >=0.9, <0.27.1 | RubyGems | 26 Jan 2022 |
| C | Improper Data Handling | openssl <2.1.2 | RubyGems | 26 Jan 2022 |
| M | Cross-site Scripting (XSS) | xapian-core <1.4.6 | RubyGems | 26 Jan 2022 |
| H | Improper Authentication | cgi >=0.3.0, <0.3.1; >=0.2.0, <0.2.1; <0.1.1 | RubyGems | 23 Jan 2022 |
| H | Denial of Service (DoS) | sidekiq <5.2.10; >=6.0.0.pre1, <6.4.0 | RubyGems | 23 Jan 2022 |
| H | Denial of Service (DoS) | google-protobuf <3.19.2 | RubyGems | 7 Jan 2022 |
| L | Cross-site Request Forgery (CSRF) | solidus_frontend <2.11.14; >=3.0.0, <3.0.5; >=3.1.0, <3.1.5 | RubyGems | 21 Dec 2021 |
| M | Directory Traversal | message_bus <3.3.7 | RubyGems | 19 Dec 2021 |
| M | Open Redirect | actionpack >=6.0.0, <6.0.4.2; >=6.1.0, <6.1.4.2 | RubyGems | 15 Dec 2021 |
| C | Remote Code Execution (RCE) | log4j-jars >=2.0.0rc1, <2.15.0 | RubyGems | 10 Dec 2021 |
| M | Arbitrary Code Execution | bundler <2.2.33 | RubyGems | 9 Dec 2021 |
| H | Regular Expression Denial of Service (ReDoS) | solidus_core >=3.1.0, <3.1.4; >=3.0.0rc2, <3.0.4; <2.11.13 | RubyGems | 8 Dec 2021 |
| H | Authentication Bypass | devise_masquerade <1.3.1 | RubyGems | 8 Dec 2021 |
| H | Buffer Overflow | cgi <0.3.1; >=0.2.0, <0.2.1; >=0.1.0, <0.1.1 | RubyGems | 25 Nov 2021 |
| C | Cross-site Request Forgery (CSRF) | spree_auth_devise >=4.3.0, <4.4.1; >=4.2.0, <4.2.1; >=4.1.0, <4.1.1; <4.0.1 | RubyGems | 19 Nov 2021 |
| C | Cross-site Request Forgery (CSRF) | spree_auth_devise <4.0.1; >=4.1.0, <4.1.1; >=4.2.0, <4.2.1; >=4.3.0, <4.4.1 | RubyGems | 18 Nov 2021 |
| C | Cross-site Request Forgery (CSRF) | solidus_auth_devise >=3.1.0, <3.1.3; >=3.0.0, <3.0.3; >=2.6.0, <2.11.12; >=1.0.0, <2.5.4 | RubyGems | 18 Nov 2021 |
| M | Denial of Service (DoS) | puppet <6.25.1; >=7.0.0, <7.12.1 | RubyGems | 17 Nov 2021 |
| M | Information Disclosure | puppet <6.25.1; >=7.0.0, <7.12.1 | RubyGems | 17 Nov 2021 |
| M | Improper Input Validation | rails_multisite <4.0.0 | RubyGems | 16 Nov 2021 |
| M | Regular Expression Denial of Service (ReDoS) | date <2.0.1; >=3.0.0, <3.0.2; >=3.1.0, <3.1.2; >=3.2.0, <3.2.1 | RubyGems | 16 Nov 2021 |
| M | Cross-site Scripting (XSS) | publify_core <9.2.5 | RubyGems | 10 Nov 2021 |
| M | Access Restriction Bypass | publify_core >=9.0.0.pre1, <9.2.5 | RubyGems | 2 Nov 2021 |