CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-34477 – Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-34477
Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Visual Studio Code .NET Runtime • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34477 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-31957 – ASP.NET Core Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-31957
ASP.NET Core Denial of Service Vulnerability Una vulnerabilidad de Denegación de Servicio en ASP.NET A flaw was found in dotnet. The way client disconnects are handled can allow a remote, unauthenticated attacker to exploit this vulnerability to cause a denial of service against an ASP.NET Core application. The highest threat from this vulnerability is to system availability. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4PRVVLXXQEF4SEJOBV3VRJHGX7YHY2CG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CVCDYIP4A6DDRT7G6P3ZW6PKNK2DNWJ2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PMHWHRRYDHKM6BIINW5V7OCSW4SDWB4W https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VMAO4NG2OQ4PCXUQWMNSCMYWLIJJY6UY https://portal.msrc.microsoft.com/en-US/security-guidance/advis • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-27434
https://notcve.org/view.php?id=CVE-2021-27434
Products with Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versions V3.0.7 and prior (.NET 4.5, 4.0, and 3.5 Framework versions only) are vulnerable to an uncontrolled recursion, which may allow an attacker to trigger a stack overflow. Productos con el programa Unified Automation .NET based OPC UA Client/Server SDK Bundle: Versiones V3.0.7 y anteriores (solo versiones de .NET 4.5, 4.0 y 3.5 Framework) son vulnerables a una recursividad no controlada, que puede permitir a un atacante desencadenar un desbordamiento de pila • https://us-cert.cisa.gov/ics/advisories/icsa-21-133-04 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-674: Uncontrolled Recursion •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2021-31204 – .NET and Visual Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31204
.NET and Visual Studio Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios de .NET y Visual Studio A flaw was found in dotnet. A .NET Core single-file application running with elevated permissions could allow an attacker to gain elevated privileges. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4F3VM3RMPE7PNNLLI3BPCSAXITQZCFCA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6M7KL3KTHJVQNRA3CWFUTESQJARQEHSZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FVMWZPF4FR6JPFSNAIDIUDULHZJBVCW6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LFXJPQUYUITJMV75YN3XIGE3KKN5GOCU https://lists.fedoraproject.org/archives/list/package-announce%40li • CWE-273: Improper Check for Dropped Privileges •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-3146
https://notcve.org/view.php?id=CVE-2021-3146
The Dolby Audio X2 (DAX2) API service before 0.8.8.90 on Windows allows local users to gain privileges. El servicio de API Dolby Audio X2 (DAX2) versiones anteriores a 0.8.8.90 en Windows permite a los usuarios locales obtener privilegios • https://professional.dolby.com/siteassets/pdfs/dolby-dax2-security-advisory-2021-04-07.pdf • CWE-426: Untrusted Search Path •