Ruby - HackerOne Reports
Total Reports: 72 | Critical: 1 | High: 10 | Medium: 20 | Low: 10
Ruby is shipping a vulnerable jQuery
Reported by: chrisseaton | Disclosed:
Severity: Low
Invalid URL parsing '#'
Reported by: mrtc0 | Disclosed:
ReDoS in IPAddr
Reported by: ooooooo_q | Disclosed:
The possibility that unintended file operation may be performed because some methods of `Dir` do not check NULL characters.
Reported by: ooooooo_q | Disclosed:
Weakness: Improper Access Control - Generic
Bounty: $500.00
Unix domain socket and a path containing a null character
Reported by: ooooooo_q | Disclosed:
Weakness: Improper Access Control - Generic
Bounty: $500.00
Unintentional file creation caused at Tempfile with directory traversal
Reported by: ooooooo_q | Disclosed:
Weakness: Improper Access Control - Generic
Bounty: $500.00
Variant of CVE-2013-0269 (Denial of Service and Unsafe Object Creation Vulnerability in JSON)
Reported by: jeremyevans | Disclosed:
Severity: Medium
Weakness: Business Logic Errors
Bounty: $500.00
CVEs: CVE-2013-0269
Bug Report : [ No Valid SPF Records ]
Reported by: sohaib619 | Disclosed:
Severity: High
'net/http': HTTP Header Injection in the set_content_type method
Reported by: sighook | Disclosed:
Severity: High
Weakness: CRLF Injection
CVEs: CVE-2020-26116
WEBrick::HTTPAuth::DigestAuth authentication is vulnerable to regular expression denial of service (ReDoS)
Reported by: 358 | Disclosed:
Severity: Low
Weakness: Uncontrolled Resource Consumption
DRb denial of service vulnerability
Reported by: u75615 | Disclosed:
Weakness: Uncontrolled Resource Consumption
URI parser's RFC3986 regular expression has poor performance when there are two # characters, leading to ReDoS
Reported by: dee-see | Disclosed:
Severity: Medium
'net/ftp': Uncontrolled Resource Consumption (Memory/CPU)
Reported by: sighook | Disclosed:
Severity: Medium
Weakness: Uncontrolled Resource Consumption
Take back my all data from [email protected]
Reported by: sam1166 | Disclosed:
Severity: High
public report - Reproducible - Writable RubyCi Amazon s3 bucket[207053]
Reported by: koti2 | Disclosed:
Weakness: Improper Authentication - Generic
Open S3 Bucket WriteAble To Any Aws User
Reported by: injector404 | Disclosed:
Severity: High
Weakness: Improper Authentication - Generic
Ruby 2.3.x and 2.2.x still bundle DoS vulnerable version of libYAML
Reported by: usa | Disclosed:
Severity: Medium
Weakness: Memory Corruption - Generic
CVEs: CVE-2014-9130
Ruby 2.4.1 has "Stack consistency error" and aborts when processing return statement within a case statement
Reported by: haquaman | Disclosed:
Weakness: Memory Corruption - Generic
controlled buffer under-read in pack_unpack_internal()
Reported by: aerodudrizzt | Disclosed:
Severity: Medium
Weakness: Buffer Under-read
Arbitrary heap overread in strscan on 32 bit Ruby, patch included
Reported by: guido | Disclosed:
Severity: Low
Weakness: Information Disclosure