CVSS: 7.8EPSS: 4%CPEs: 9EXPL: 0CVE-2021-31204 – .NET and Visual Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-31204
11 May 2021 — .NET and Visual Studio Elevation of Privilege Vulnerability Una vulnerabilidad de Escalada de Privilegios de .NET y Visual Studio A flaw was found in dotnet. A .NET Core single-file application running with elevated permissions could allow an attacker to gain elevated privileges. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability. .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it in... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4F3VM3RMPE7PNNLLI3BPCSAXITQZCFCA • CWE-273: Improper Check for Dropped Privileges •
CVSS: 8.8EPSS: 7%CPEs: 3EXPL: 0CVE-2021-27068 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-27068
11 May 2021 — Visual Studio Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Visual Studio • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27068 •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 1CVE-2021-28322 – Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-28322
13 Apr 2021 — Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios del Diagnostics Hub Standard Collector Service. Este ID de CVE es diferente de CVE-2021-28313, CVE-2021-28321 Microsoft Diaghub suffers from a privilege escalation vulnerability. • https://packetstorm.news/files/id/162251 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 1%CPEs: 13EXPL: 1CVE-2021-28321 – Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-28321
13 Apr 2021 — Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios del Diagnostics Hub Standard Collector Service. Este ID de CVE es diferente de CVE-2021-28313, CVE-2021-28322 Microsoft Diaghub suffers from a privilege escalation vulnerability. • https://packetstorm.news/files/id/162251 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 1CVE-2021-28313 – Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-28313
13 Apr 2021 — Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability Una Vulnerabilidad de elevación de privilegios del Diagnostics Hub Standard Collector Service. Este ID de CVE es diferente de CVE-2021-28321, CVE-2021-28322 Microsoft Diaghub suffers from a privilege escalation vulnerability. • https://packetstorm.news/files/id/162251 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-27064 – Visual Studio Installer Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-27064
13 Apr 2021 — Visual Studio Installer Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios de Visual Studio Installer • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27064 •
CVSS: 9.8EPSS: 1%CPEs: 10EXPL: 0CVE-2021-26701 – .NET Core Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-26701
25 Feb 2021 — .NET Core Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de .NET Core. Este ID de CVE es diferente de CVE-2021-24112 A remote code execution vulnerability was found in dotnet in the System.Text.Encodings.Web package, caused by a buffer overrun. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and i... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2AZOUKMCHT2WBHR7MYDTYXWOBHZW5P5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 21EXPL: 0CVE-2020-8927 – Buffer overflow in Brotli library
https://notcve.org/view.php?id=CVE-2020-8927
15 Sep 2020 — A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits. Se presenta un desbordamiento del búfer en la biblioteca Brotli ... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00108.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-130: Improper Handling of Length Parameter Inconsistency •