CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-26423 – .NET Core and Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-26423
.NET Core and Visual Studio Denial of Service Vulnerability Una Vulnerabilidad de Denegación de Servicio en .NET Core y Visual Studio An infinite loop error was found in ASP.NET when processing WebSocket frames. The exploitation of this issue can cause high CPU resource consumption. The highest threat from this vulnerability is to system availability. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26423 https://access.redhat.com/security/cve/CVE-2021-26423 https://bugzilla.redhat.com/show_bug.cgi?id=1990295 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-34532 – ASP.NET Core and Visual Studio Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-34532
ASP.NET Core and Visual Studio Information Disclosure Vulnerability Una Vulnerabilidad de Divulgación de Información en ASP.NET Core y Visual Studio • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34532 https://access.redhat.com/security/cve/CVE-2021-34532 https://bugzilla.redhat.com/show_bug.cgi?id=1990300 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 5%CPEs: 1EXPL: 0CVE-2021-34529 – Visual Studio Code Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-34529
Visual Studio Code Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Visual Studio. Este ID de CVE es diferente de CVE-2021-34528 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Visual Studio Code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the settings.json file. When parsing the maven.executable.options parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the current user. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34529 https://www.zerodayinitiative.com/advisories/ZDI-21-827 •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2021-34528 – Visual Studio Code Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-34528
Visual Studio Code Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Visual Studio. Este ID de CVE es diferente de CVE-2021-34529 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34528 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-34479 – Microsoft Visual Studio Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2021-34479
Microsoft Visual Studio Spoofing Vulnerability Una vulnerabilidad de Suplantación de Identidad en Microsoft Visual Studio • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34479 •