National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • Keyword (text search): Ruby
There are 436 matching records.
Displaying matches 101 through 120.
Vuln ID Summary CVSS Severity
CVE-2014-4998

test/tc_database.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.

Published: January 10, 2018; 01:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 2.1 LOW
CVE-2014-4997

lib/commands/setup.rb in the point-cli gem 0.0.1 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process.

Published: January 10, 2018; 01:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 2.1 LOW
CVE-2014-4996

lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.#{target_host}.

Published: January 10, 2018; 01:29:00 PM -05:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2014-4995

Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed.

Published: January 10, 2018; 01:29:00 PM -05:00
V3.0: 7.0 HIGH
    V2: 1.9 LOW
CVE-2014-4994

lib/gyazo/client.rb in the gyazo gem 1.0.0 for Ruby allows local users to write to arbitrary files via a symlink attack on a temporary file, related to time-based filenames.

Published: January 10, 2018; 01:29:00 PM -05:00
V3.0: 5.5 MEDIUM
    V2: 2.1 LOW
CVE-2014-4993

(1) lib/backup/cli/utility.rb in the backup-agoddard gem 3.0.28 and (2) lib/backup/cli/utility.rb in the backup_checksum gem 3.0.23 for Ruby place credentials on the openssl command line, which allows local users to obtain sensitive information by listing the process.

Published: January 10, 2018; 01:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 2.1 LOW
CVE-2014-4992

lib/cap-strap/helpers.rb in the cap-strap gem 0.1.5 for Ruby places credentials on the useradd command line, which allows local users to obtain sensitive information by listing the process.

Published: January 10, 2018; 01:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 2.1 LOW
CVE-2014-4991

(1) lib/dataset/database/mysql.rb and (2) lib/dataset/database/postgresql.rb in the codders-dataset gem 1.3.2.1 for Ruby place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.

Published: January 10, 2018; 01:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 2.1 LOW
CVE-2018-5220

In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x95002610.

Published: January 04, 2018; 02:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 6.1 MEDIUM
CVE-2018-5219

In K7 Antivirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002168.

Published: January 04, 2018; 02:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 6.1 MEDIUM
CVE-2018-5218

In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x950025b0.

Published: January 04, 2018; 02:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 6.1 MEDIUM
CVE-2018-5217

In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x95002578.

Published: January 04, 2018; 02:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 6.1 MEDIUM
CVE-2018-5088

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300211C.

Published: January 03, 2018; 04:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 6.1 MEDIUM
CVE-2018-5087

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002100.

Published: January 03, 2018; 04:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 6.1 MEDIUM
CVE-2018-5086

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300215F.

Published: January 03, 2018; 04:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 6.1 MEDIUM
CVE-2018-5085

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002124.

Published: January 03, 2018; 04:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 6.1 MEDIUM
CVE-2018-5084

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300212C.

Published: January 03, 2018; 04:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 6.1 MEDIUM
CVE-2018-5083

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300215B.

Published: January 03, 2018; 04:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 6.1 MEDIUM
CVE-2018-5082

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002128.

Published: January 03, 2018; 04:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 6.1 MEDIUM
CVE-2018-5081

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020F0.

Published: January 03, 2018; 04:29:00 PM -05:00
V3.0: 7.8 HIGH
    V2: 6.1 MEDIUM