CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-27064 – Visual Studio Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-27064
Visual Studio Installer Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Visual Studio Installer • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27064 •
CVSS: 9.8EPSS: 8%CPEs: 10EXPL: 0CVE-2021-26701 – .NET Core Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-26701
.NET Core Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de .NET Core. Este ID de CVE es diferente de CVE-2021-24112 A remote code execution vulnerability was found in dotnet in the System.Text.Encodings.Web package, caused by a buffer overrun. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2AZOUKMCHT2WBHR7MYDTYXWOBHZW5P5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TW3ZSJTTMZAFKGW7NJWTVVFZUYYU2SJZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBOSSX7U6BSHV5RI74FCOW4ITJ5RRJR5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WA5WQJVHUL5C4XMJTLY3C67R4WP35EF4 https://lists.fedoraproject.org/archives/list/package-announce%40li • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-1639 – Visual Studio Code Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-1639
Visual Studio Code Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de Visual Studio Code • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1639 •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-1721 – .NET Core and Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1721
.NET Core and Visual Studio Denial of Service Vulnerability Una Vulnerabilidad de Denegación de Servicio de .NET Core y Visual Studio A flaw was found in dotnet. A recursion error when building X.509 certificate chains can lead to a stack overflow which could crash the system. The highest threat from this vulnerability is to system availability. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1721 https://access.redhat.com/security/cve/CVE-2021-1721 https://bugzilla.redhat.com/show_bug.cgi?id=1926918 • CWE-674: Uncontrolled Recursion •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-1723 – ASP.NET Core and Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1723
ASP.NET Core and Visual Studio Denial of Service Vulnerability Una Vulnerabilidad de Denegación de Servicio de ASP.NET Core y Visual Studio A flaw was found in dotnet. Running callbacks outside of locks results in Krestel deadlock using HTTP2. The highest threat from this vulnerability is to system availability. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1723 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1723 https://access.redhat.com/security/cve/CVE-2021-1723 https://bugzilla.redhat.com/show_bug.cgi?id=1914258 • CWE-833: Deadlock •