Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
VULNERABILITYAFFECTSTYPEPUBLISHED
  • M
Cross-site Scripting (XSS)		actiontext>=7.1.0, <7.1.3.4>=7.2.0.beta1, <7.2.0.beta2RubyGems5 Jun 2024
  • C
Cross-site Scripting		activeadmin<3.2.2>=4.0.0.beta1, <4.0.0.beta7RubyGems3 Jun 2024
  • H
Heap-based Buffer Overflow		nokogiri<1.16.5RubyGems30 May 2024
  • H
Allocation of Resources Without Limits or Throttling		rack-contrib<2.5.0RubyGems28 May 2024
  • M
Improper Access Control		kaminari>=0.15.0, <0.16.2RubyGems28 May 2024
  • M
Uncontrolled Resource Consumption		rexml<3.2.7RubyGems17 May 2024
  • M
Cross-site Scripting (XSS)		solidus>=0.0.0RubyGems14 May 2024
  • H
Cross-site Scripting (XSS)		phlex<1.9.3>=1.10.0, <1.10.2RubyGems1 May 2024
  • M
Cross-site Scripting (XSS)		sidekiq>=7.2.0, <7.2.4RubyGems28 Apr 2024
  • M
Cross-site Scripting (XSS)		phlex<1.4.2>=1.5.0, <1.5.3>=1.6.0, <1.6.3>=1.7.0, <1.7.2>=1.8.0, <1.8.3>=1.9.0, <1.9.2>=1.10.0, <1.10.1RubyGems17 Apr 2024
  • M
Cross-site Scripting (XSS)		carrierwave<2.2.6>=3.0.0, <3.0.7RubyGems25 Mar 2024
  • L
Buffer Over-read		stringio>=3.0.1, <3.0.1.1RubyGems22 Mar 2024
  • M
Code Injection		rdoc<6.3.4.1>=6.4.0, <6.4.1.1>=6.5.0, <6.5.1.1RubyGems22 Mar 2024
  • H
Incorrect Default Permissions		rotp<6.3.0RubyGems18 Mar 2024
  • H
Exposed Dangerous Method or Function		turbo_boost-commands<0.1.3>=0.2.0, <0.2.2RubyGems17 Mar 2024
  • H
Cross-site Scripting (XSS)		phlex<1.0.1>=1.1.0, <1.1.1>=1.2.0, <1.2.2>=1.3.0, <1.3.3>=1.4.0, <1.4.1>=1.5.0, <1.5.2>=1.6.0, <1.6.2>=1.7.0, <1.7.1>=1.8.0, <1.8.2>=1.9.0, <1.9.1RubyGems13 Mar 2024
  • H
Unsafe Reflection		stimulus_reflex<3.4.2>=3.5.0-pre0, <3.5.0-rc4RubyGems13 Mar 2024
  • M
Cross-site Scripting (XSS)		yard<0.9.35RubyGems29 Feb 2024
  • M
Exposure of Data Element to Wrong Session		actionpack>=5.2.0, <6.1.7.7>=7.0.0, <7.0.8.1RubyGems25 Feb 2024
  • M
Regular Expression Denial of Service (ReDoS)		actionpack>=7.1.0, <7.1.3.1RubyGems25 Feb 2024
  • M
Cross-site Scripting (XSS)		actionpack>=7.0.0, <7.0.8.1>=7.1.0, <7.1.3.1RubyGems25 Feb 2024
  • H
Denial of Service (DoS)		rack>=1.3.0, <2.2.8.1>=3.0.0, <3.0.9.1RubyGems25 Feb 2024
  • M
Regular Expression Denial of Service (ReDoS)		rack>=0.4.0, <2.2.8.1>=3.0.0, <3.0.9.1RubyGems25 Feb 2024
  • M
Regular Expression Denial of Service (ReDoS)		rack<2.0.9.4>=2.1.0, <2.1.4.4>=2.2.0, <2.2.8.1>=3.0.0, <3.0.9.1RubyGems25 Feb 2024
  • M
Cross-site Scripting (XSS)		decidim>=0.27.0, <0.27.5RubyGems22 Feb 2024
  • M
Cross-site Scripting (XSS)		decidim-core>=0.27.0, <0.27.5RubyGems22 Feb 2024
  • L
Race Condition		decidim>=0.10.0, <0.26.9>=0.27.0, <0.27.5RubyGems21 Feb 2024
  • M
Server-Side Request Forgery (SSRF)		decidim-templates>=0.23.0, <0.27.5RubyGems21 Feb 2024
  • M
Operation on a Resource after Expiration or Release		decidim-system>=0.0.1, <0.26.9>=0.27.0, <0.27.5RubyGems21 Feb 2024
  • M
Operation on a Resource after Expiration or Release		decidim-admin>=0.0.1, <0.26.9>=0.27.0, <0.27.5RubyGems21 Feb 2024