CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2024-38167 – .NET and Visual Studio Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-38167
13 Aug 2024 — .NET and Visual Studio Information Disclosure Vulnerability A flaw was found in the .NET platform. This issue may lead to the disclosure of sensitive information via TlsStream. It was discovered that .NET suffered from an information disclosure vulnerability. An attacker could potentially use this issue to read targeted email messages. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38167 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.8EPSS: 8%CPEs: 5EXPL: 0CVE-2024-38095 – .NET and Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-38095
09 Jul 2024 — .NET and Visual Studio Denial of Service Vulnerability Vulnerabilidad de denegación de servicio en .NET y Visual Studio A vulnerability was found in dotNET when Parsing X.509 Content and ObjectIdentifiers. This issue can lead to a denial of service attack. It was discovered that .NET did not properly handle object deserialization. An attacker could possibly use this issue to cause a denial of service. Radek Zikmund discovered that .NET did not properly manage memory. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38095 • CWE-20: Improper Input Validation •
CVSS: 7.3EPSS: 0%CPEs: 15EXPL: 0CVE-2024-38081 – .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-38081
09 Jul 2024 — .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38081 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 10.0EPSS: 10%CPEs: 13EXPL: 0CVE-2024-35272 – SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-35272
09 Jul 2024 — SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35272 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 5%CPEs: 5EXPL: 0CVE-2024-30105 – .NET and Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-30105
09 Jul 2024 — .NET Core and Visual Studio Denial of Service Vulnerability Vulnerabilidad de denegación de servicio en .NET Core y Visual Studio .NET and Visual Studio Denial of Service Vulnerability A vulnerability was found in .NET. This issue can cause a denial of service in the System.Text.Json deserialization. It was discovered that .NET did not properly handle object deserialization. An attacker could possibly use this issue to cause a denial of service. Radek Zikmund discovered that .NET did not properly manage mem... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30105 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.1EPSS: 2%CPEs: 5EXPL: 0CVE-2024-35264 – .NET and Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-35264
09 Jul 2024 — .NET and Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de .NET y Visual Studio A vulnerability was found in dotNET when parsing ASP.NET Core 8. This issue can lead to a denial of service attack. It was discovered that .NET did not properly handle object deserialization. An attacker could possibly use this issue to cause a denial of service. Radek Zikmund discovered that .NET did not properly manage memory. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35264 • CWE-416: Use After Free •
CVSS: 4.7EPSS: 1%CPEs: 6EXPL: 1CVE-2024-30052 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30052
11 Jun 2024 — Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Visual Studio • https://github.com/ynwarcs/CVE-2024-30052 • CWE-693: Protection Mechanism Failure •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-29060 – Visual Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-29060
11 Jun 2024 — Visual Studio Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Visual Studio • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29060 • CWE-284: Improper Access Control •
CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 0CVE-2024-30046 – Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-30046
14 May 2024 — Visual Studio Denial of Service Vulnerability Vulnerabilidad de denegación de servicio de Visual Studio A flaw was found in ASP.NET Core. A deadlock condition can be triggered in Http2OutputProducer.Stop(), which may lead to a denial of service. It was discovered that .NET did not properly handle memory in it's Double Parse routine. An attacker could possibly use this issue to achieve remote code execution. It was discovered that .NET did not properly handle the usage of a shared resource. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30046 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-833: Deadlock •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2024-30045 – .NET and Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30045
14 May 2024 — .NET and Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de .NET y Visual Studio A remote code execution vulnerability exists in .NET 7.0 and .NET 8.0. A stack buffer overrun occurs in the .NET Double Parse routine. It was discovered that .NET did not properly handle memory in it's Double Parse routine. An attacker could possibly use this issue to achieve remote code execution. It was discovered that .NET did not properly handle the usage of a shared resource. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30045 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •