| Vulnerability Name |
CVE
CWE
|
CWE |
Severity |
|
Ruby on Rails Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-17920)
|
CVE-2017-17920
CWE-138
|
CWE-138
|
High
|
|
Ruby on Rails Improper Verification of Intent by Broadcast Receiver Vulnerability (CVE-2026-33173)
|
CVE-2026-33173
CWE-925
|
CWE-925
|
Medium
|
|
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22792)
|
CVE-2023-22792
CWE-1333
|
CWE-1333
|
High
|
|
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2023-22795)
|
CVE-2023-22795
CWE-1333
|
CWE-1333
|
High
|
|
Ruby on Rails Inefficient Regular Expression Complexity Vulnerability (CVE-2024-26142)
|
CVE-2024-26142
CWE-1333
|
CWE-1333
|
High
|
|
Ruby on Rails Memory Allocation with Excessive Size Value Vulnerability (CVE-2026-33174)
|
CVE-2026-33174
CWE-789
|
CWE-789
|
High
|
|
Ruby on Rails Missing Encryption of Sensitive Data Vulnerability (CVE-2010-3299)
|
CVE-2010-3299
CWE-311
|
CWE-311
|
Medium
|
|
Ruby on Rails Other Vulnerability (CVE-2013-0333)
|
CVE-2013-0333
|
|
High
|
|
Ruby on Rails Other Vulnerability (CVE-2021-22904)
|
CVE-2021-22904
|
|
High
|
|
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-0449)
|
CVE-2011-0449
CWE-264
|
CWE-264
|
High
|
|
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2660)
|
CVE-2012-2660
CWE-264
|
CWE-264
|
Medium
|
|
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2694)
|
CVE-2012-2694
CWE-264
|
CWE-264
|
Medium
|
|
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0155)
|
CVE-2013-0155
CWE-264
|
CWE-264
|
Medium
|
|
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0276)
|
CVE-2013-0276
CWE-264
|
CWE-264
|
Medium
|
|
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-6417)
|
CVE-2013-6417
CWE-264
|
CWE-264
|
Medium
|
|
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3514)
|
CVE-2014-3514
CWE-264
|
CWE-264
|
High
|
|
Ruby on Rails Resource Management Errors Vulnerability (CVE-2015-7581)
|
CVE-2015-7581
|
|
High
|
|
Ruby on Rails Resource Management Errors Vulnerability (CVE-2016-0751)
|
CVE-2016-0751
|
|
High
|
|
Ruby on Rails SQL injection
|
CVE-2012-2695
CWE-89
|
CWE-89
|
High
|
|
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2020-8185)
|
CVE-2020-8185
CWE-400
|
CWE-400
|
Medium
|
|
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2021-22880)
|
CVE-2021-22880
CWE-400
|
CWE-400
|
High
|
|
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2026-33169)
|
CVE-2026-33169
CWE-400
|
CWE-400
|
Medium
|
|
Ruby on Rails Uncontrolled Resource Consumption Vulnerability (CVE-2026-33176)
|
CVE-2026-33176
CWE-400
|
CWE-400
|
High
|
|
Ruby on Rails Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-8162)
|
CVE-2020-8162
CWE-434
|
CWE-434
|
High
|
|
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22881)
|
CVE-2021-22881
CWE-601
|
CWE-601
|
Medium
|
|
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22903)
|
CVE-2021-22903
CWE-601
|
CWE-601
|
Medium
|
|
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22942)
|
CVE-2021-22942
CWE-601
|
CWE-601
|
Medium
|
|
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-44528)
|
CVE-2021-44528
CWE-601
|
CWE-601
|
Medium
|
|
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-22797)
|
CVE-2023-22797
CWE-601
|
CWE-601
|
Medium
|
|
Ruby on Rails Use of Externally-Controlled Format String Vulnerability (CVE-2013-4389)
|
CVE-2013-4389
CWE-134
|
CWE-134
|
Medium
|
|
Ruby on Rails weak/known secret token
|
CVE-2013-0156
CWE-200
|
CWE-200
|
High
|
|
Ruby Other Vulnerability (CVE-2012-5380)
|
CVE-2012-5380
|
|
Medium
|
|
Ruby Other Vulnerability (CVE-2014-8080)
|
CVE-2014-8080
|
|
Medium
|
|
Ruby Other Vulnerability (CVE-2014-8090)
|
CVE-2014-8090
|
|
Medium
|
|
Ruby Other Vulnerability (CVE-2016-2336)
|
CVE-2016-2336
|
|
Critical
|
|
Ruby Other Vulnerability (CVE-2016-2337)
|
CVE-2016-2337
|
|
Critical
|
|
Ruby Other Vulnerability (CVE-2021-41817)
|
CVE-2021-41817
|
|
High
|
|
Ruby Out-of-bounds Read Vulnerability (CVE-2022-28739)
|
CVE-2022-28739
CWE-125
|
CWE-125
|
High
|
|
Ruby Out-of-bounds Write Vulnerability (CVE-2016-2338)
|
CVE-2016-2338
CWE-787
|
CWE-787
|
Critical
|
|
Ruby Out-of-bounds Write Vulnerability (CVE-2017-11465)
|
CVE-2017-11465
CWE-787
|
CWE-787
|
Critical
|
|
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3655)
|
CVE-2008-3655
CWE-264
|
CWE-264
|
High
|
|
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1005)
|
CVE-2011-1005
CWE-264
|
CWE-264
|
Medium
|
|
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4464)
|
CVE-2012-4464
CWE-264
|
CWE-264
|
Medium
|
|
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4466)
|
CVE-2012-4466
CWE-264
|
CWE-264
|
Medium
|
|
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4481)
|
CVE-2012-4481
CWE-264
|
CWE-264
|
Medium
|
|
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4522)
|
CVE-2012-4522
CWE-264
|
CWE-264
|
Medium
|
|
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2065)
|
CVE-2013-2065
CWE-264
|
CWE-264
|
Medium
|
|
Ruby Resource Management Errors Vulnerability (CVE-2008-2664)
|
CVE-2008-2664
|
|
High
|
|
Ruby Resource Management Errors Vulnerability (CVE-2008-3443)
|
CVE-2008-3443
|
|
Medium
|
|
Ruby Resource Management Errors Vulnerability (CVE-2008-3656)
|
CVE-2008-3656
|
|
High
|
|
Ruby Resource Management Errors Vulnerability (CVE-2008-4310)
|
CVE-2008-4310
|
|
High
|
|
Ruby Resource Management Errors Vulnerability (CVE-2014-2734)
|
CVE-2014-2734
|
|
Medium
|
|
Ruby Resource Management Errors Vulnerability (CVE-2014-6438)
|
CVE-2014-6438
|
|
High
|
|
Ruby Uncontrolled Resource Consumption Vulnerability (CVE-2018-8777)
|
CVE-2018-8777
CWE-400
|
CWE-400
|
High
|
|
Ruby Use of Externally-Controlled Format String Vulnerability (CVE-2017-0898)
|
CVE-2017-0898
CWE-134
|
CWE-134
|
Critical
|
|
Ruby Use of Externally-Controlled Format String Vulnerability (CVE-2018-8778)
|
CVE-2018-8778
CWE-134
|
CWE-134
|
High
|
|
Rukovoditel Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-11821)
|
CVE-2020-11821
CWE-312
|
CWE-312
|
Medium
|
|
Rukovoditel Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-11818)
|
CVE-2020-11818
CWE-352
|
CWE-352
|
High
|
|
Rukovoditel Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-30224)
|
CVE-2021-30224
CWE-352
|
CWE-352
|
High
|
|
Rukovoditel Cross-site Scripting (XSS) Vulnerability (CVE-2019-7541)
|
CVE-2019-7541
|
|
Medium
|
|
Rukovoditel Improper Input Validation Vulnerability (CVE-2020-11819)
|
CVE-2020-11819
CWE-20
|
CWE-20
|
Critical
|
|
Rukovoditel Improper Neutralization of Formula Elements in a CSV File Vulnerability (CVE-2023-53913)
|
CVE-2023-53913
CWE-1236
|
CWE-1236
|
High
|
|
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7400)
|
CVE-2019-7400
CWE-707
|
CWE-707
|
Medium
|
|
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11813)
|
CVE-2020-11813
CWE-707
|
CWE-707
|
Medium
|
|
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11822)
|
CVE-2020-11822
CWE-707
|
CWE-707
|
Medium
|
|
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-18469)
|
CVE-2020-18469
CWE-707
|
CWE-707
|
Medium
|
|
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-18470)
|
CVE-2020-18470
CWE-707
|
CWE-707
|
Medium
|
|
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-21732)
|
CVE-2020-21732
CWE-707
|
CWE-707
|
Medium
|
|
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35984)
|
CVE-2020-35984
CWE-707
|
CWE-707
|
Medium
|
|
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35985)
|
CVE-2020-35985
CWE-707
|
CWE-707
|
Medium
|
|
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35986)
|
CVE-2020-35986
CWE-707
|
CWE-707
|
Medium
|
|
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35987)
|
CVE-2020-35987
CWE-707
|
CWE-707
|
Medium
|
|
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43164)
|
CVE-2022-43164
CWE-707
|
CWE-707
|
Medium
|
|
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43165)
|
CVE-2022-43165
CWE-707
|
CWE-707
|
Medium
|
|
Rukovoditel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43166)
|
CVE-2022-43166
CWE-707
|
CWE-707
|
Medium
|
