CVE-2023-21538 – .NET Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21538
.NET Denial of Service Vulnerability Vulnerabilidad de denegación de servicio de .NET A vulnerability was found in dotnet. This flaw occurs when parsing an empty HTTP response as a JSON.NET JObject that causes a stack overflow and crashes a process. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21538 https://access.redhat.com/security/cve/CVE-2023-21538 https://bugzilla.redhat.com/show_bug.cgi?id=2158342 • CWE-121: Stack-based Buffer Overflow CWE-502: Deserialization of Untrusted Data •
CVE-2022-41089 – .NET Framework Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41089
.NET Framework Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de .NET Framework. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41089 •
CVE-2022-41064 – .NET Framework Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-41064
.NET Framework Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de .NET Framework • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41064 •
CVE-2022-41032 – NuGet Client Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-41032
NuGet Client Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en el cliente NuGet A vulnerability was found in dotnet. This flaw allows an attacker to triage a NuGet cache poisoning on Linux via a world-writable cache directory. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FOG35Z5RL5W5RGLLYLN46CI4D2UPDSWM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HDPT2MJC3HD7HYZGASOOX6MTDR4ASBL5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7BMHO5ITRBZREVTEKHQRGSFRPDMALV3 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41032 https://access.redhat.com/security/cve/CVE-2022-41032 https://bugzilla.redhat.com/sho • CWE-524: Use of Cache Containing Sensitive Information •
CVE-2022-26929 – .NET Framework Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-26929
.NET Framework Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de .NET Framework • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26929 •