CVSS: 10.0EPSS: 13%CPEs: 82EXPL: 0CVE-2023-36049 – .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36049
14 Nov 2023 — .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en .NET, .NET Framework y Visual Studio A vulnerability was found in FormatFtpCommand in the .NET package that may result in a CRLF injection arbitrary file write and deletion. This vulnerability allows remote attackers to create or delete arbitrary files on FTP servers implemented using affected versions of Microsoft .NET. Interaction with the .NET framework is required to exploit this vu... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36049 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0CVE-2023-36042 – Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-36042
14 Nov 2023 — Visual Studio Denial of Service Vulnerability Vulnerabilidad de denegación de servicio de Visual Studio. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36042 • CWE-122: Heap-based Buffer Overflow CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 18%CPEs: 7EXPL: 0CVE-2023-38171 – Microsoft QUIC Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-38171
10 Oct 2023 — Microsoft QUIC Denial of Service Vulnerability Vulnerabilidad de denegación de servicio en Microsoft QUIC • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38171 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 94%CPEs: 444EXPL: 17CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://github.com/imabee101/CVE-2023-44487 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 1%CPEs: 47EXPL: 0CVE-2023-36792 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36792
12 Sep 2023 — Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Códigode Visual Studio • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36792 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 1%CPEs: 48EXPL: 0CVE-2023-36793 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36793
12 Sep 2023 — Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código de Visual Studio • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36793 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 1%CPEs: 48EXPL: 0CVE-2023-36794 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36794
12 Sep 2023 — Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código de Visual Studio • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36794 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 1%CPEs: 48EXPL: 0CVE-2023-36796 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36796
12 Sep 2023 — Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código de Visual Studio • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36796 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 7%CPEs: 6EXPL: 0CVE-2023-36799 – .NET Core and Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-36799
12 Sep 2023 — .NET Core and Visual Studio Denial of Service Vulnerability Vulnerabilidad de Denegación de Servicio en .NET Core y Visual Studio A vulnerability was found in dotnet. This issue can lead to a denial of service when processing X.509 certificates. USN-6438-1 fixed vulnerabilities in .Net. It was discovered that the fix for [CVE-2023-36799] was incomplete. This update fixes the problem. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36799 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2023-36758 – Visual Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-36758
12 Sep 2023 — Visual Studio Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios en Visual Studio • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36758 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •