AIEngine is a next generation interactive/programmable Python/Ruby/Java/Lua and Go network intrusion detection system engine. AIEngine also helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.
9592ddac406040974faa1b34a459f123d010fd293a18114a8468d871b7825c7b
Red Hat Security Advisory 2023-3291-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP response splitting and denial of service vulnerabilities.
20dec59adcb39ef2916d6cca7cd13c8ca58d1f5b2b3c7506b88fe76014af5ad2
Ubuntu Security Notice 6087-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM.
cc361b6847f2850db6412282b2a465949ce6e489bc3be40573658c7db61eda9b
Ubuntu Security Notice 6055-2 - USN-6055-1 fixed a vulnerability in Ruby. Unfortunately it introduced a regression. This update reverts the patches applied to CVE-2023-28755 in order to fix the regression pending further investigation. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service.
ada5c9e435b07122b3ea37aaeeff4ec44d8a5abb8e17dfa44d63ad098d9107d3
Ubuntu Security Notice 6055-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. This issue is being addressed only for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
57cc9e7412e527b063da950b49c9036f3f360426a199720cba2c4ff74ccb4925
Debian Linux Security Advisory 5389-1 - Two vulnerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could lead to XSS and DOM based cross-site scripting (CRS). This update also fixes a regression introduced in previous update that may block certain access for apps using development environment.
74d22f237334eaa35ef53eabd71db5ab39812d288737dc9a32864fea7cc87905
Red Hat Security Advisory 2023-1486-01 - Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include HTTP request smuggling, code execution, and denial of service vulnerabilities.
34681b3994f7696e63749c33f2b4943d1f3991726eb9aa72976cb927c1014ab6
Ubuntu Security Notice 5806-3 - USN-5806-1 fixed vulnerabilities in Ruby. This update fixes the problem for Ubuntu 20.04 LTS. Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications which generate HTTP responses using cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application.
2946affe6446c720209e8c8a6781b9e746e6210d18a5a939af4608b1e97f3dfd
Debian Linux Security Advisory 5372-1 - Multiple vulnerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could result in XSS, data disclosure and open redirect.
44ed6f4160efe547c9a47f4f62db177c265c289c98a029bb8114b3fa4bca4f1f
Debian Linux Security Advisory 5360-1 - Xi Lu discovered that missing input sanitising in Emacs (in etags, the Ruby mode and htmlfontify) could result in the execution of arbitrary shell commands.
82d11ef9e76f7318d8a66038c6614675b087dfdc2b8d50aad0fe55d3dd74b5c7
AIEngine is a next generation interactive/programmable Python/Ruby/Java/Lua and Go network intrusion detection system engine. AIEngine also helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.
65c5483016570ea2fd986c9fd302001786b8924e7bfe294e0bbbd46f415bf974
Some Hikvision Hybrid SAN products were vulnerable to multiple remote code execution (command injection) vulnerabilities, including reflected cross site scripting, Ruby code injection, classic and blind SQL injection resulting in remote code execution that allows an adversary to execute arbitrary operating system commands and more. However, an adversary must be on the same network to leverage this vulnerability to execute arbitrary commands.
9ef9e4e937841d3becdae9ba498b3199c7ac7dfcaea39831e8e5a468cd2d8f10
Ubuntu Security Notice 5806-2 - USN-5806-1 fixed vulnerabilities in Ruby. This update fixes the problem for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.10. Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications which generate HTTP responses using cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application.
5e9eaa591a250702e16d36f855a65138db55f846075d60d7208d9a3e346086a8
Ubuntu Security Notice 5806-1 - Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications which generate HTTP responses using cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application.
75ea48c38a96b7594dbd0877d422b431f6c885a45730d787e0fa46952d38d26c
Debian Linux Security Advisory 5310-1 - It was discovered that ruby-image-processing, a ruby package that provides higher-level image processing helpers, is prone to a remote shell execution vulnerability when using the #apply method to apply a series of operations coming from unsanitized user input.
9114837e45c7440099d3923f2a43991909f94c975f31c25f4230d59e7dc5f0fa
This Metasploit module exploits a default Vagrant synced folder (shared folder) to append a Ruby payload to the Vagrant project Vagrantfile config file. By default, unless a Vagrant project explicitly disables shared folders, Vagrant mounts the project directory on the host as a writable vagrant directory on the guest virtual machine. This directory includes the project Vagrantfile configuration file. Ruby code within the Vagrantfile is loaded and executed when a user runs any vagrant command from the project directory on the host, leading to execution of Ruby code on the host.
4aa68ef0141c22e4e2be0cd50c642945c2afd7a94ea98ee68a6375e6bd398e81
Red Hat Security Advisory 2022-6855-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include buffer overflow, denial of service, double free, and spoofing vulnerabilities.
23b2e4fec136d2b841752155cc897796ca8d6de598e56c894f584c758f0ea16e
Red Hat Security Advisory 2022-6856-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include buffer overflow, denial of service, and spoofing vulnerabilities.
bb6ea318ab2029ce81a508f985027beddd25be215db4d7f00c698944641814f3
Red Hat Security Advisory 2022-6585-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include a double free vulnerability.
1ff122457a9752bdbfb6cb45ab90c6e6d019e61a2c3f8ef3642e2c8ea9b73161
Red Hat Security Advisory 2022-6447-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include denial of service and spoofing vulnerabilities.
a714de3eaf3a485724cf4aaca3389fd9847b067245c025269499321daae891aa
Red Hat Security Advisory 2022-6450-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include denial of service, double free, and spoofing vulnerabilities.
64271aa943cadcf4f53769f49f2705c0658c289b46512a0840bf913803fc1cd1
Red Hat Security Advisory 2022-5779-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include denial of service and spoofing vulnerabilities.
01fe6dcd91920a9cb22a03c1c89fe0164eb2af76b1957d74cf7452270d04cd71
Red Hat Security Advisory 2022-5338-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
b4a68cc58eca9da243167ff02e79915ee516758ed00c162a9cdd60a5051ec094
Ubuntu Security Notice 5462-2 - USN-5462-1 fixed several vulnerabilities in Ruby. This update provides the corresponding CVE-2022-28739 update for ruby2.3 on Ubuntu 16.04 ESM. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information.
b47ace4598aa16889d8fd13a61ab6776251e8e1f05e571cdb335797d23e1ec0c
Ubuntu Security Notice 5462-1 - It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information.
93396c53d1b014d262f3aed6dacbfc8d58faaea61e4dae6cbadc94a05bec397a