Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

300 advisories

Loading
Missing Initialization of Resource in Apache Arrow High
CVE-2019-12408 was published for pyarrow (RubyGems) May 24, 2022
jiajie-chen-havas
Missing Initialization of Resource in Apache Arrow High
CVE-2019-12410 was published for pyarrow (RubyGems) May 24, 2022
Nokogiri affected by libxslt Use of Uninitialized Resource/Use After Free vulnerability High
CVE-2019-18197 was published for nokogiri (RubyGems) May 24, 2022
Elastic APM agent for Ruby vulnerable to Improper Certificate Validation High
CVE-2019-7615 was published for elastic-apm (RubyGems) May 24, 2022
libxslt Type Confusion vulnerability that affects Nokogiri High
CVE-2019-13118 was published for nokogiri (RubyGems) May 24, 2022
Uninitialized read in Nokogiri gem High
CVE-2019-13117 was published for nokogiri (RubyGems) May 24, 2022
Nokogiri Improperly Handles Unexpected Data Type High
CVE-2022-29181 was published for nokogiri (RubyGems) May 23, 2022
agustingianni
Insecure PRNG use in random_password_generator High
CVE-2019-25061 was published for random_password_generator (RubyGems) May 19, 2022
Integer Overflow or Wraparound in libxml2 affects Nokogiri High
GHSA-cgx6-hpwq-fhv5 was published for nokogiri (RubyGems) May 18, 2022
Publify vulnerable to DoS attack High
CVE-2014-3211 was published for publify_core (RubyGems) May 17, 2022
Karteek Docsplit vulnerable to OS Command Injection High
CVE-2013-1933 was published for karteek-docsplit (RubyGems) May 17, 2022
codders-dataset Process Table Local Plaintext Credential Disclosure High
CVE-2014-4991 was published for codders-dataset (RubyGems) May 14, 2022
jasnow
backup-agoddard and backup_checksum have Information Exposure vulnerability High
CVE-2014-4993 was published for backup-agoddard (RubyGems) May 14, 2022
point-cli allows local users to obtain sensitive information by listing the process High
CVE-2014-4997 was published for point-cli (RubyGems) May 14, 2022
kajam allows local users to obtain sensitive information by listing the process High
CVE-2014-4999 was published for kajam (RubyGems) May 14, 2022
lean-ruport allows local users to obtain sensitive information by listing the process High
CVE-2014-4998 was published for lean-ruport (RubyGems) May 14, 2022
Echor Ruby Gem credentials can be stolen via process table monitoring High
CVE-2014-1835 was published for echor (RubyGems) May 14, 2022
Echor contains Command Injection High
CVE-2014-1834 was published for echor (RubyGems) May 14, 2022
Nokogiri gem, via libxml, is affected by DoS vulnerabilities High
CVE-2017-15412 was published for nokogiri (RubyGems) May 14, 2022
espen mattyr
flavorjones staticintlucas thomasthaddeus BaerMitUmlaut dlackty
WEBrick RCE Vulnerability High
CVE-2017-10784 was published for webrick (RubyGems) May 14, 2022
brent-yearone drewblas
leviem1 orien aramprice intrigus-lgtm alagos longkt90 ChrisBAshton potsbo libussa
Ruby OpenSSL DoS Vulnerability High
CVE-2017-14033 was published for openssl (RubyGems) May 14, 2022
i18n Vulnerable to Denial of Service Attack High
CVE-2014-10077 was published for i18n (RubyGems) May 14, 2022
jhutchings1
Fileutils Command Injection vulnerability High
CVE-2013-2516 was published for fileutils (RubyGems) May 14, 2022
Phusion Passenger Race Condition Allows Privilege Escalation High
CVE-2018-12029 was published for passenger (RubyGems) May 14, 2022
ProTip! Advisories are also available from the GraphQL API