Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • H
Resources Downloaded over Insecure ProtocolCVE-2022-45442
Affects sinatra | Versions <2.2.3>=3.0.0, <3.0.4
Has fix
RubyGemsPublished 29 Nov 2022
  • H
Improper Input ValidationCVE-2021-33621
Affects cgi | Versions <0.1.0.2>=0.2.1, <0.2.2>=0.3.3, <0.3.5
Has fix
RubyGemsPublished 20 Nov 2022
  • L
Improper NeutralizationCVE-2022-4064
Affects dalli | Versions <3.2.3
Has fix
RubyGemsPublished 20 Nov 2022
  • C
Integer Overflow or WraparoundCVE-2022-37454
Affects sha3 | Versions <1.0.5
Has fix
RubyGemsPublished 6 Nov 2022
  • L
Information ExposureCVE-2022-39379
Affects fluentd | Versions >=1.13.2, <1.15.3
Has fix
RubyGemsPublished 2 Nov 2022
  • H
NULL Pointer Dereference
Affects nokogiri | Versions <1.13.9
Has fix
RubyGemsPublished 19 Oct 2022
  • M
Denial of Service (DoS)
Affects sqlite3 | Versions >=1.5.0, <1.5.1
Has fix
RubyGemsPublished 19 Oct 2022
  • H
Privilege EscalationCVE-2022-42717
Affects vagrant | Versions >=0.0.0, <2.4.4
Has fix
RubyGemsPublished 12 Oct 2022
  • M
Denial of Service (DoS)CVE-2022-39281
Affects fat_free_crm | Versions <0.20.1
Has fix
RubyGemsPublished 9 Oct 2022
  • M
Denial of Service (DoS)CVE-2022-3171
Affects google-protobuf | Versions <3.16.3>=3.17.0.rc.1, <3.19.6>=3.20.0.rc.1, <3.20.3>=3.21.0.rc.1, <3.21.7
Has fix
RubyGemsPublished 5 Oct 2022
  • M
Heap-based Buffer OverflowCVE-2016-2338
Affects psych | Versions <2.0.17
Has fix
RubyGemsPublished 29 Sept 2022
  • M
Open Redirect
Affects actionpack | Versions >=7.0.3, <7.0.4
Has fix
RubyGemsPublished 28 Sept 2022
  • M
Improper Input Validation
Affects personnummer | Versions <3.0.1
Has fix
RubyGemsPublished 22 Sept 2022
  • H
Arbitrary Code ExecutionCVE-2022-39224
Affects arr-pm | Versions <0.0.12
Has fix
RubyGemsPublished 22 Sept 2022
  • M
Information Exposure
Affects pageflow | Versions <14.5.2>=15.0.0, <15.7.1
Has fix
RubyGemsPublished 15 Sept 2022
  • H
Authorization Bypass Through User-Controlled Key
Affects pageflow | Versions <14.5.2>=15.0.0, <15.7.1
Has fix
RubyGemsPublished 15 Sept 2022
  • C
Command InjectionCVE-2022-25765
Affects pdfkit | Versions <0.8.7.2
Has fix
RubyGemsPublished 8 Sept 2022
  • L
Insecure PermissionsCVE-2022-31072
Affects octokit | Versions >=4.23.0, <4.25.0
Has fix
RubyGemsPublished 22 Aug 2022
  • H
Improper AuthenticationCVE-2020-36599
Affects omniauth | Versions <1.9.2
Has fix
RubyGemsPublished 19 Aug 2022
  • H
SQL InjectionCVE-2022-35956
Affects update_by_case | Versions <0.1.3
Has fix
RubyGemsPublished 12 Aug 2022
  • H
Directory TraversalCVE-2022-31163
Affects tzinfo | Versions <0.3.61>=1.0.0, <1.2.10
Has fix
RubyGemsPublished 22 Jul 2022
  • M
Information ExposureCVE-2022-2394
Affects bolt | Versions <3.24.0
Has fix
RubyGemsPublished 20 Jul 2022
  • M
Cross-site Scripting (XSS)CVE-2020-35305
Affects gollum | Versions >=5.0.0, <5.1.2
Has fix
RubyGemsPublished 17 Jul 2022
  • C
Remote Code Execution (RCE)CVE-2022-32224
Affects activerecord | Versions <5.2.8.1>=6.0.0, <6.0.5.1>=6.1.0, <6.1.6.1>=7.0.0, <7.0.3.1
Has fix
RubyGemsPublished 13 Jul 2022
  • M
HTTP Request SmugglingCVE-2022-32214
Affects llhttp | Versions >=0.0.0
Has fix
RubyGemsPublished 10 Jul 2022
  • M
HTTP Request SmugglingCVE-2022-32215
Affects llhttp | Versions >=0.0.0
Has fix
RubyGemsPublished 10 Jul 2022
  • M
HTTP Request SmugglingCVE-2022-32213
Affects llhttp | Versions >=0.0.0
Has fix
RubyGemsPublished 10 Jul 2022
  • H
Deserialization of Untrusted DataCVE-2022-31115
Affects opensearch-ruby | Versions <2.0.2
Has fix
RubyGemsPublished 1 Jul 2022
  • M
Access Restriction BypassCVE-2021-3779
Affects ruby-mysql | Versions <2.10.0
Has fix
RubyGemsPublished 29 Jun 2022
  • M
Cross-site Scripting (XSS)CVE-2022-32209
Affects rails-html-sanitizer | Versions <1.4.3
Has fix
RubyGemsPublished 26 Jun 2022