Vulnerabilities - Page 161

Vulnerability Name	CVE CWE	CWE	Severity
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4214)	CVE-2009-4214 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0446)	CVE-2011-0446 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1497)	CVE-2011-1497 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2197)	CVE-2011-2197 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2931)	CVE-2011-2931 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2932)	CVE-2011-2932 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4319)	CVE-2011-4319 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1098)	CVE-2012-1098 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1099)	CVE-2012-1099 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3463)	CVE-2012-3463 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3464)	CVE-2012-3464 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3465)	CVE-2012-3465 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1855)	CVE-2013-1855 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1857)	CVE-2013-1857 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4491)	CVE-2013-4491 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6415)	CVE-2013-6415 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6416)	CVE-2013-6416 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0081)	CVE-2014-0081 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-3226)	CVE-2015-3226 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6316)	CVE-2016-6316 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-8264)	CVE-2020-8264 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26143)	CVE-2024-26143 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-32464)	CVE-2024-32464 CWE-707	CWE-707	Medium
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-4094)	CVE-2008-4094 CWE-138	CWE-138	High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-0448)	CVE-2011-0448 CWE-138	CWE-138	High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-2930)	CVE-2011-2930 CWE-138	CWE-138	High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2661)	CVE-2012-2661 CWE-138	CWE-138	Medium
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2695)	CVE-2012-2695 CWE-138	CWE-138	High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6496)	CVE-2012-6496 CWE-138	CWE-138	High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-0080)	CVE-2014-0080 CWE-138	CWE-138	Medium
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3482)	CVE-2014-3482 CWE-138	CWE-138	High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3483)	CVE-2014-3483 CWE-138	CWE-138	High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17916)	CVE-2017-17916 CWE-138	CWE-138	High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17917)	CVE-2017-17917 CWE-138	CWE-138	High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17919)	CVE-2017-17919 CWE-138	CWE-138	High
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17920)	CVE-2017-17920 CWE-138	CWE-138	High
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22792)	CVE-2023-22792 CWE-1333	CWE-1333	High
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795)	CVE-2023-22795 CWE-1333	CWE-1333	High
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2024-26142)	CVE-2024-26142 CWE-1333	CWE-1333	High
Ruby on Rails Missing Encryption of Sensitive Data Vulnerability (CVE-2010-3299)	CVE-2010-3299 CWE-311	CWE-311	Medium
Ruby on Rails Other Vulnerability (CVE-2013-0333)	CVE-2013-0333		High
Ruby on Rails Other Vulnerability (CVE-2021-22904)	CVE-2021-22904		High
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-0449)	CVE-2011-0449 CWE-264	CWE-264	High
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2660)	CVE-2012-2660 CWE-264	CWE-264	Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2694)	CVE-2012-2694 CWE-264	CWE-264	Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0155)	CVE-2013-0155 CWE-264	CWE-264	Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0276)	CVE-2013-0276 CWE-264	CWE-264	Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-6417)	CVE-2013-6417 CWE-264	CWE-264	Medium
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3514)	CVE-2014-3514 CWE-264	CWE-264	High
Ruby on Rails Resource Management Errors Vulnerability (CVE-2015-7581)	CVE-2015-7581		High
Ruby on Rails Resource Management Errors Vulnerability (CVE-2016-0751)	CVE-2016-0751		High
Ruby on Rails SQL injection	CVE-2012-2695 CWE-89	CWE-89	High
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2020-8185)	CVE-2020-8185 CWE-400	CWE-400	Medium
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2021-22880)	CVE-2021-22880 CWE-400	CWE-400	High
Ruby on Rails Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-8162)	CVE-2020-8162 CWE-434	CWE-434	High
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22881)	CVE-2021-22881 CWE-601	CWE-601	Medium
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22903)	CVE-2021-22903 CWE-601	CWE-601	Medium
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22942)	CVE-2021-22942 CWE-601	CWE-601	Medium
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-44528)	CVE-2021-44528 CWE-601	CWE-601	Medium
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-22797)	CVE-2023-22797 CWE-601	CWE-601	Medium
Ruby on Rails Use of Externally-Controlled Format String Vulnerability (CVE-2013-4389)	CVE-2013-4389 CWE-134	CWE-134	Medium
Ruby on Rails weak/known secret token	CVE-2013-0156 CWE-200	CWE-200	High
Ruby Other Vulnerability (CVE-2012-5380)	CVE-2012-5380		Medium
Ruby Other Vulnerability (CVE-2014-8080)	CVE-2014-8080		Medium
Ruby Other Vulnerability (CVE-2014-8090)	CVE-2014-8090		Medium
Ruby Other Vulnerability (CVE-2016-2336)	CVE-2016-2336		Critical
Ruby Other Vulnerability (CVE-2016-2337)	CVE-2016-2337		Critical
Ruby Other Vulnerability (CVE-2021-41817)	CVE-2021-41817		High
Ruby Out-of-bounds Read Vulnerability (CVE-2022-28739)	CVE-2022-28739 CWE-125	CWE-125	High
Ruby Out-of-bounds Write Vulnerability (CVE-2016-2338)	CVE-2016-2338 CWE-787	CWE-787	Critical
Ruby Out-of-bounds Write Vulnerability (CVE-2017-11465)	CVE-2017-11465 CWE-787	CWE-787	Critical
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3655)	CVE-2008-3655 CWE-264	CWE-264	High
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1005)	CVE-2011-1005 CWE-264	CWE-264	Medium
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4464)	CVE-2012-4464 CWE-264	CWE-264	Medium
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4466)	CVE-2012-4466 CWE-264	CWE-264	Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4214)

CVE-2009-4214

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-0446)

CVE-2011-0446

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1497)

CVE-2011-1497

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2197)

CVE-2011-2197

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2931)

CVE-2011-2931

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-2932)

CVE-2011-2932

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4319)

CVE-2011-4319

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1098)

CVE-2012-1098

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1099)

CVE-2012-1099

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3463)

CVE-2012-3463

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3464)

CVE-2012-3464

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3465)

CVE-2012-3465

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1855)

CVE-2013-1855

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-1857)

CVE-2013-1857

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4491)

CVE-2013-4491

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6415)

CVE-2013-6415

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-6416)

CVE-2013-6416

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0081)

CVE-2014-0081

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-3226)

CVE-2015-3226

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6316)

CVE-2016-6316

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-8264)

CVE-2020-8264

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26143)

CVE-2024-26143

CWE-707

Medium

Ruby on Rails Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-32464)

CVE-2024-32464

CWE-707

Medium

Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2008-4094)

CVE-2008-4094

CWE-138

High

Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-0448)

CVE-2011-0448

CWE-138

High

Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2011-2930)

CVE-2011-2930

CWE-138

High

Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2661)

CVE-2012-2661

CWE-138

Medium

Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2695)

CVE-2012-2695

CWE-138

High

Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-6496)

CVE-2012-6496

CWE-138

High

Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-0080)

CVE-2014-0080

CWE-138

Medium

Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3482)

CVE-2014-3482

CWE-138

High

Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-3483)

CVE-2014-3483

CWE-138

High

Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17916)

CVE-2017-17916

CWE-138

High

Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17917)

CVE-2017-17917

CWE-138

High

Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17919)

CVE-2017-17919

CWE-138

High

Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17920)

CVE-2017-17920

CWE-138

High

Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22792)

CVE-2023-22792

CWE-1333

High

Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795)

CVE-2023-22795

CWE-1333

High

Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2024-26142)

CVE-2024-26142

CWE-1333

High

Ruby on Rails Missing Encryption of Sensitive Data Vulnerability (CVE-2010-3299)

CVE-2010-3299

CWE-311

Medium

Ruby on Rails Other Vulnerability (CVE-2013-0333)

CVE-2013-0333

High

Ruby on Rails Other Vulnerability (CVE-2021-22904)

CVE-2021-22904

High

Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-0449)

CVE-2011-0449

CWE-264

High

Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2660)

CVE-2012-2660

CWE-264

Medium

Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2694)

CVE-2012-2694

CWE-264

Medium

Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0155)

CVE-2013-0155

CWE-264

Medium

Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0276)

CVE-2013-0276

CWE-264

Medium

Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-6417)

CVE-2013-6417

CWE-264

Medium

Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3514)

CVE-2014-3514

CWE-264

High

Ruby on Rails Resource Management Errors Vulnerability (CVE-2015-7581)

CVE-2015-7581

High

Ruby on Rails Resource Management Errors Vulnerability (CVE-2016-0751)

CVE-2016-0751

High

Ruby on Rails SQL injection

CVE-2012-2695

CWE-89

High

Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2020-8185)

CVE-2020-8185

CWE-400

Medium

Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2021-22880)

CVE-2021-22880

CWE-400

High

Ruby on Rails Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-8162)

CVE-2020-8162

CWE-434

High

Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22881)

CVE-2021-22881

CWE-601

Medium

Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22903)

CVE-2021-22903

CWE-601

Medium

Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22942)

CVE-2021-22942

CWE-601

Medium

Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-44528)

CVE-2021-44528

CWE-601

Medium

Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-22797)

CVE-2023-22797

CWE-601

Medium

Ruby on Rails Use of Externally-Controlled Format String Vulnerability (CVE-2013-4389)

CVE-2013-4389

CWE-134

Medium

Ruby on Rails weak/known secret token

CVE-2013-0156

CWE-200

High

Ruby Other Vulnerability (CVE-2012-5380)

CVE-2012-5380

Medium

Ruby Other Vulnerability (CVE-2014-8080)

CVE-2014-8080

Medium

Ruby Other Vulnerability (CVE-2014-8090)

CVE-2014-8090

Medium

Ruby Other Vulnerability (CVE-2016-2336)

CVE-2016-2336

Critical

Ruby Other Vulnerability (CVE-2016-2337)

CVE-2016-2337

Critical

Ruby Other Vulnerability (CVE-2021-41817)

CVE-2021-41817

High

Ruby Out-of-bounds Read Vulnerability (CVE-2022-28739)

CVE-2022-28739

CWE-125

High

Ruby Out-of-bounds Write Vulnerability (CVE-2016-2338)

CVE-2016-2338

CWE-787

Critical

Ruby Out-of-bounds Write Vulnerability (CVE-2017-11465)

CVE-2017-11465

CWE-787

Critical

Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3655)

CVE-2008-3655

CWE-264

High

Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1005)

CVE-2011-1005

CWE-264

Medium

Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4464)

CVE-2012-4464

CWE-264

Medium

Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4466)

CVE-2012-4466

CWE-264

Medium

Standard & Premium

Severity

Vulnerability Categories

Still Have Questions?

Take action and discover your vulnerabilities