CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-31957 – ASP.NET Core Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-31957
ASP.NET Core Denial of Service Vulnerability Una vulnerabilidad de Denegación de Servicio en ASP.NET A flaw was found in dotnet. The way client disconnects are handled can allow a remote, unauthenticated attacker to exploit this vulnerability to cause a denial of service against an ASP.NET Core application. The highest threat from this vulnerability is to system availability. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4PRVVLXXQEF4SEJOBV3VRJHGX7YHY2CG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVCDYIP4A6DDRT7G6P3ZW6PKNK2DNWJ2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMHWHRRYDHKM6BIINW5V7OCSW4SDWB4W https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMAO4NG2OQ4PCXUQWMNSCMYWLIJJY6UY https://portal.msrc.microsoft.com/en-US/security-guidance/advis • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2021-31204 – .NET and Visual Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31204
.NET and Visual Studio Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios de .NET y Visual Studio A flaw was found in dotnet. A .NET Core single-file application running with elevated permissions could allow an attacker to gain elevated privileges. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4F3VM3RMPE7PNNLLI3BPCSAXITQZCFCA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6M7KL3KTHJVQNRA3CWFUTESQJARQEHSZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FVMWZPF4FR6JPFSNAIDIUDULHZJBVCW6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFXJPQUYUITJMV75YN3XIGE3KKN5GOCU https://lists.fedoraproject.org/archives/list/package-announce%40li • CWE-273: Improper Check for Dropped Privileges •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-3146
https://notcve.org/view.php?id=CVE-2021-3146
The Dolby Audio X2 (DAX2) API service before 0.8.8.90 on Windows allows local users to gain privileges. El servicio de API Dolby Audio X2 (DAX2) versiones anteriores a 0.8.8.90 en Windows permite a los usuarios locales obtener privilegios • https://professional.dolby.com/siteassets/pdfs/dolby-dax2-security-advisory-2021-04-07.pdf • CWE-426: Untrusted Search Path •
CVSS: 9.8EPSS: 8%CPEs: 10EXPL: 0CVE-2021-26701 – .NET Core Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-26701
.NET Core Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de .NET Core. Este ID de CVE es diferente de CVE-2021-24112 A remote code execution vulnerability was found in dotnet in the System.Text.Encodings.Web package, caused by a buffer overrun. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2AZOUKMCHT2WBHR7MYDTYXWOBHZW5P5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TW3ZSJTTMZAFKGW7NJWTVVFZUYYU2SJZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UBOSSX7U6BSHV5RI74FCOW4ITJ5RRJR5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WA5WQJVHUL5C4XMJTLY3C67R4WP35EF4 https://lists.fedoraproject.org/archives/list/package-announce%40li • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 5EXPL: 0CVE-2021-24112 – .NET Core Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-24112
.NET Core Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de .NET Core. Este ID de CVE es diferente de CVE-2021-26701 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24112 •