CVSS: 7.8EPSS: 1%CPEs: 48EXPL: 0CVE-2023-36793 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36793
12 Sep 2023 — Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código de Visual Studio • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36793 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 1%CPEs: 48EXPL: 0CVE-2023-36794 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36794
12 Sep 2023 — Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código de Visual Studio • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36794 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 1%CPEs: 48EXPL: 0CVE-2023-36796 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36796
12 Sep 2023 — Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código de Visual Studio • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36796 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 7%CPEs: 6EXPL: 0CVE-2023-36799 – .NET Core and Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-36799
12 Sep 2023 — .NET Core and Visual Studio Denial of Service Vulnerability Vulnerabilidad de Denegación de Servicio en .NET Core y Visual Studio A vulnerability was found in dotnet. This issue can lead to a denial of service when processing X.509 certificates. USN-6438-1 fixed vulnerabilities in .Net. It was discovered that the fix for [CVE-2023-36799] was incomplete. This update fixes the problem. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36799 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 56%CPEs: 8EXPL: 0CVE-2023-38180 – Microsoft .NET Core and Visual Studio Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-38180
08 Aug 2023 — .NET and Visual Studio Denial of Service Vulnerability An uncontrolled resource consumption vulnerability was found in the Kestrel component of the dotNET. When detecting a potentially malicious client, Kestrel will sometimes fail to disconnect it, resulting in denial of service. It was discovered that .NET did not properly handle the execution of certain commands. An attacker could possibly use this issue to achieve remote code execution. Benoit Foucher discovered that .NET did not properly implement the Q... • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CL2L4WE5QRT7WEXANYXSKSU43APC5N2V • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 2%CPEs: 6EXPL: 0CVE-2023-35391 – ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-35391
08 Aug 2023 — ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35391 •
CVSS: 7.8EPSS: 8%CPEs: 5EXPL: 0CVE-2023-35390 – .NET and Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-35390
08 Aug 2023 — .NET and Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de .NET y Visual Studio A vulnerability was found in dotnet. This issue exists when some dotnet commands are used in directories with weaker permissions, which can result in remote code execution. It was discovered that .NET did not properly handle the execution of certain commands. An attacker could possibly use this issue to achieve remote code execution. Benoit Foucher discovered that .NET did not prop... • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CL2L4WE5QRT7WEXANYXSKSU43APC5N2V • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-33170 – ASP.NET and Visual Studio Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-33170
11 Jul 2023 — ASP.NET and Visual Studio Security Feature Bypass Vulnerability A vulnerability was found in dotNET applications where account lockout maximum failed attempts may not be immediately updated, allowing an attacker to try more passwords and bypass security restrictions. This flaw allows a remote attacker to bypass security features, causing an impact on confidentiality, integrity, and availability. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and... • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVZVMMCCBBCSCPAW2CRQGOTKIHVFCMRO • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.1EPSS: 2%CPEs: 7EXPL: 0CVE-2023-33127 – .NET and Visual Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-33127
11 Jul 2023 — .NET and Visual Studio Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33127 • CWE-1220: Insufficient Granularity of Access Control •
CVSS: 7.8EPSS: 1%CPEs: 86EXPL: 0CVE-2023-24895 – .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-24895
14 Jun 2023 — .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24895 •