Vulnerabilities > Plataformatec

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-30	CVE-2019-16676	Improper Input Validation vulnerability in Plataformatec Simple Form Plataformatec Simple Form has Incorrect Access Control in file_method? in lib/simple_form/form_builder.rb, because a user-supplied string is invoked as a method call. network low complexity plataformatec CWE-20	7.5
2019-09-08	CVE-2019-16109	Unspecified vulnerability in Plataformatec Devise An issue was discovered in Plataformatec Devise before 4.7.1. network low complexity plataformatec	5.0
2019-04-03	CVE-2019-5421	Improper Restriction of Excessive Authentication Attempts vulnerability in Plataformatec Devise Plataformatec Devise version 4.5.0 and earlier, using the lockable module contains a CWE-367 vulnerability in The `Devise::Models::Lockable` class, more specifically at the `#increment_failed_attempts` method. network low complexity plataformatec CWE-307	7.5
2013-04-25	CVE-2013-0233	Resource Management Errors vulnerability in multiple products Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certain databases, does not properly perform type conversion when performing database queries, which might allow remote attackers to cause incorrect results to be returned and bypass security checks via unknown vectors, as demonstrated by resetting passwords of arbitrary accounts. network plataformatec ruby-lang opensuse CWE-399	6.8

Vulnerabilities > Plataformatec {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Plataformatec"}]}