Filter
AND
-Infinity
0

Trending

Last week
Last month
Last year

rubygems/activestoragePossible Sensitive Session Information Leak in Active Storage

medium
5.3
EPSS
0.04%
First published (updated )
CVE-2024-26144

Ruby on RailsCSRF, CRLF Injection

medium
5
First published (updated )
CVE-2008-5189

Ruby on RailsThe (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2…

medium
5
First published (updated )
CVE-2015-3227

Clockwork WebCSRF

medium
6.5
First published (updated )
CVE-2023-25015

Ruby on Rails ActionPackAn open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redire…

medium
6.1
First published (updated )
CVE-2023-22797

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

redhat/rubygem-rails-html-sanitizerrails-html-sanitizer contains an incomplete fix for an XSS vulnerability

medium
6.1
First published (updated )
CVE-2022-23520

rubygems/railsRails Possible XSS Vulnerability in Action Controller

medium
6.1
EPSS
0.04%
First published (updated )
CVE-2024-26143

Ruby on Railsactionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x before 3.1.5, a…

medium
6.4
First published (updated )
CVE-2012-2660

Ruby on RailsThe decode_credentials method in actionpack/lib/action_controller/metal/http_authentication.rb in Ru…

medium
5
First published (updated )
CVE-2012-3424

Ruby on RailsXSS

medium
4.3
First published (updated )
CVE-2012-3464

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Ruby on RailsXSS

medium
4.3
First published (updated )
CVE-2012-3465

Ruby on Railsactionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, a…

medium
4.3
First published (updated )
CVE-2012-2694

rubygems/actionpackXSS

medium
6.1
First published (updated )
CVE-2011-1497

Ruby on RailsA open redirect vulnerability exists in Action Pack >= 6.0.0 that could allow an attacker to craft a…

medium
6.1
First published (updated )
CVE-2021-44528

rubygems/activerecord-session_storeThe activerecord-session_store (aka Active Record Session Store) component through 1.1.3 for Ruby on…

medium
5.3
First published (updated )
CVE-2019-25025

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

rubygems/actiontextActionText ContentAttachment can Contain Unsanitized HTML

medium
6.1
First published (updated )
CVE-2024-32464

Ruby on RailsInput Validation, CSRF

medium
6.8
First published (updated )
CVE-2008-7248

Ruby on RailsXSS

medium
4.3
First published (updated )
CVE-2009-4214

Ruby on RailsInfoleak

medium
5
First published (updated )
CVE-2009-3086

Ruby on RailsXSS

medium
4.3
First published (updated )
CVE-2009-3009

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

rubygems/activerecordInput Validation

medium
6.4
First published (updated )
CVE-2010-3933

Debian LinuxThe encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks.

medium
6.5
First published (updated )
CVE-2010-3299

Ruby on RailsXSS

medium
4.3
First published (updated )
CVE-2011-4319

rubygems/actionpackInput Validation

medium
4.3
First published (updated )
CVE-2011-3187

Ruby on RailsCode Injection, CRLF Injection

medium
4.3
First published (updated )
CVE-2011-3186

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Ruby on RailsInput Validation

medium
5
First published (updated )
CVE-2011-2929

Ruby on RailsXSS

medium
4.3
First published (updated )
CVE-2011-2932

Ruby on RailsXSS

medium
4.3
First published (updated )
CVE-2011-2931

Ruby on RailsXSS

medium
4.3
First published (updated )
CVE-2011-2197

Ruby on RailsCSRF

medium
6.8
First published (updated )
CVE-2011-0447

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203