Vulnerability Database
Vulnerabilities
| ID | Packages | Summary | Published | Attributes |
| --- | --- | --- | --- | --- |
| GHSA-735f-pc8j-v9w8 | Maven/com.google.protobuf:protobuf-java, Maven/com.google.protobuf:protobuf-javalite, Maven/com.google.protobuf:protobuf-kotlin, Maven/com.google.protobuf:protobuf-kotlin-lite, RubyGems/google-protobuf | protobuf-java has potential Denial of Service issue | 8 hours ago | Fix available; Severity - 8.7 (High) |
| GHSA-7x4w-cj9r-h4v9 | RubyGems/camaleon_cms | Camaleon CMS vulnerable to remote code execution through code injection (GHSL-2024-185) | yesterday | Fix available; Severity - 8.6 (High) |
| GHSA-r9cr-qmfw-pmrc | RubyGems/camaleon_cms | Camaleon CMS allows stored XSS through user file upload (GHSL-2024-184) | yesterday | Fix available; Severity - 4.8 (Medium) |
| GHSA-cp65-5m9r-vc2c | RubyGems/camaleon_cms | Camaleon CMS vulnerable to arbitrary path traversal (GHSL-2024-183) | yesterday | Fix available; Severity - 7.1 (High) |
| GHSA-wmjg-vqhv-q5p5 | RubyGems/camaleon_cms | Camaleon CMS affected by arbitrary file write to RCE (GHSL-2024-182) | yesterday | Fix available; Severity - 8.7 (High) |
| GHSA-qjxf-mc72-wjr2 | RubyGems/devise-two-factor | Devise-Two-Factor Authentication Uses Insufficient Default OTP Shared Secret Length | 2 days ago | Fix available; Severity - 6.0 (Medium) |
| GHSA-vvqw-fqwx-mqmm | RubyGems/decidim | Decidim::Admin vulnerable to cross-site scripting (XSS) in the admin panel with QuillJS WYSWYG editor | 3 days ago | Fix available; Severity - 5.9 (Medium) |
| GHSA-rx9f-5ggv-5rh6 | RubyGems/decidim-admin | Decidim::Admin vulnerable to cross-site scripting (XSS) in the admin activity log | 3 days ago | Fix available; Severity - 6.0 (Medium) |
| GHSA-cvp8-5r8g-fhvq | RubyGems/omniauth-saml | omniauth-saml vulnerable to Improper Verification of Cryptographic Signature | 11 Sep | Fix available; Severity - 9.9 (Critical) |
| GHSA-jw9c-mfg7-9rx2 | RubyGems/ruby-saml | SAML authentication bypass via Incorrect XPath selector | 10 Sep | Fix available; Severity - 9.9 (Critical) |
| GHSA-frp2-5qfc-7r8m | RubyGems/request_store | request_store has Incorrect Default Permissions | 23 Aug | Fix available; Severity - 5.9 (Medium) |
| GHSA-vmwr-mc7x-5vc3 | RubyGems/rexml | REXML denial of service vulnerability | 22 Aug | Fix available; Severity - 8.2 (High) |
| GHSA-2m96-52r3-2f3g | RubyGems/fugit | fugit parse and parse_nat stall on lengthy input | 19 Aug | Fix available; Severity - 5.3 (Medium) |
| GHSA-qv32-5wm2-p32h | RubyGems/sequenceserver | Command Injection in sequenceserver | 13 Aug | Fix available; Severity - 9.3 (Critical) |
| GHSA-5866-49gr-22v4 | RubyGems/rexml | REXML DoS vulnerability | 02 Aug | Fix available; Severity - 6.9 (Medium) |
| GHSA-r55c-59qm-vjw6 | RubyGems/rexml | REXML DoS vulnerability | 01 Aug | Fix available; Severity - 6.9 (Medium) |
RubyGems - OSV