Recent vulnerabilities

Recent vulnerabilities from
Select from 70 available sources using the dropdown above.
ID Severity Description Published Updated
ghsa-2fqv-h3r5-m4vf
6.1 (3.1)
Cross Site Scripting (XSS) in plotly.js 2017-10-24T18:33:35Z 2021-08-30T21:12:50Z
ghsa-3m6r-39p3-jq25
9.1 (3.1)
Doorkeeper is vulnerable to replay attacks 2017-10-24T18:33:35Z 2022-04-25T16:34:57Z
ghsa-4jm3-pfpf-h54p
9.8 (3.1)
espeak-ruby allows arbitrary command execution 2017-10-24T18:33:35Z 2023-01-25T22:57:24Z
ghsa-543v-gj2c-r3ch
5.3 (3.1)
activemodel contains Improper Input Validation 2017-10-24T18:33:35Z 2023-06-30T21:32:03Z
ghsa-5vx5-9q73-wgp4
9.8 (3.1)
Safemode Gem Has Incomplete List of Disallowed Inputs 2017-10-24T18:33:35Z 2023-09-05T21:30:18Z
ghsa-6h88-qjpv-p32m
7.5 (3.1)
OpenSSL gem for Ruby using inadequate encryption strength 2017-10-24T18:33:35Z 2022-04-25T16:33:57Z
ghsa-78rc-8c29-p45g
7.3 (3.1)
actionpack allows remote code execution via application's unrestricted use of render method 2017-10-24T18:33:35Z 2023-07-03T18:58:43Z
ghsa-87vv-r9j6-g5qv
6.5 (3.1)
Regular Expression Denial of Service in moment 2017-10-24T18:33:35Z 2022-06-07T14:31:25Z
ghsa-c92m-rrrc-q5wf
8.1 (3.1)
safemode gem allows context-dependent attackers to obtain sensitive information via the inspect method 2017-10-24T18:33:35Z 2023-09-05T21:11:43Z
ghsa-f522-ffg8-j8r6
7.5 (3.1)
Regular Expression Denial of Service in is-my-json-valid 2017-10-24T18:33:35Z 2025-10-17T17:50:27Z
ghsa-f7f4-5w9j-23p2
9.8 (3.1)
festivaltts4r allows arbitrary command execution 2017-10-24T18:33:35Z 2023-01-25T23:16:58Z
ghsa-ffpv-c4hm-3x6v
7.5 (3.1)
actionpack is vulnerable to denial of service via a crafted HTTP Accept header 2017-10-24T18:33:35Z 2023-07-31T21:08:45Z
ghsa-gcqq-w6gr-h9j9
9.8 (3.1)
Directory traversal vulnerability in RubyZip 2017-10-24T18:33:35Z 2023-01-26T20:55:34Z
ghsa-gvcj-pfq2-wxj7
7.8 (3.1)
High severity vulnerability that affects electron 2017-10-24T18:33:35Z 2021-09-13T12:46:47Z
ghsa-h5g2-38x9-4gv3
7.5 (3.1)
archive-tar-minitar and minitar vulnerable to Path Traversal 2017-10-24T18:33:35Z 2023-09-05T21:02:41Z
ghsa-hpcf-8vf9-q4gj
6.1 (3.1)
jQuery-UI vulnerable to Cross-site Scripting in dialog closeText 2017-10-24T18:33:35Z 2023-01-26T23:02:07Z
ghsa-j5hj-fhc9-g24m
5.3 (3.1)
rack-mini-profiler allows remote attackers to obtain sensitive information about allocated strings … 2017-10-24T18:33:35Z 2023-01-23T21:18:15Z
ghsa-pc3m-v286-2jwj
6.1 (3.1)
actionview Cross-site Scripting vulnerability 2017-10-24T18:33:35Z 2023-01-23T17:59:42Z
ghsa-pr3r-4wrp-r2pv
7.5 (3.1)
ActiveRecord in Ruby on Rails allows database-query bypass 2017-10-24T18:33:35Z 2023-07-04T00:01:26Z
ghsa-vx9j-46rh-fqr8
5.3 (3.1)
actionview contains Path Traversal vulnerability 2017-10-24T18:33:35Z 2023-07-05T20:44:17Z
ghsa-xrr4-p6fq-hjg7
7.5 (3.1)
Directory traversal vulnerability in Action View in Ruby on Rails 2017-10-24T18:33:35Z 2025-10-22T17:35:03Z
ghsa-229r-pqp6-8w6g
sprout Arbitrary Code Execution vulnerability 2017-10-24T18:33:36Z 2023-08-29T15:58:19Z
ghsa-29gr-w57f-rpfw
actionpack vulnerable to Path Traversal 2017-10-24T18:33:36Z 2023-08-25T19:41:02Z
ghsa-333x-9vgq-v2j4
Directory Traversal in geddy 2017-10-24T18:33:36Z 2021-08-31T20:33:50Z
ghsa-33pp-3763-mrfp
sprockets vulnerable to Path Traversal 2017-10-24T18:33:36Z 2023-03-01T18:54:54Z
ghsa-34r7-q49f-h37c
9.8 (3.1)
Incorrect Handling of Non-Boolean Comparisons During Minification in uglify-js 2017-10-24T18:33:36Z 2021-10-29T14:15:03Z
ghsa-3fx5-fwvr-xrjg
7.5 (3.1)
Regular Expression Denial of Service in ms 2017-10-24T18:33:36Z 2024-08-01T16:44:35Z
ghsa-4c4w-3q45-hp9j
7.5 (3.1)
Aescrypt does not sufficiently use random values 2017-10-24T18:33:36Z 2023-01-25T22:56:46Z
ghsa-4whc-pp4x-9pf3
jquery-rails and jquery-ujs subject to Exposure of Sensitive Information 2017-10-24T18:33:36Z 2026-01-14T21:44:14Z
ghsa-552w-rqg8-gxxm
6.1 (3.1)
Moderate severity vulnerability that affects validator 2017-10-24T18:33:36Z 2021-09-01T19:26:29Z