CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2022-41032 – NuGet Client Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-41032
NuGet Client Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en el cliente NuGet A vulnerability was found in dotnet. This flaw allows an attacker to triage a NuGet cache poisoning on Linux via a world-writable cache directory. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FOG35Z5RL5W5RGLLYLN46CI4D2UPDSWM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HDPT2MJC3HD7HYZGASOOX6MTDR4ASBL5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7BMHO5ITRBZREVTEKHQRGSFRPDMALV3 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41032 https://access.redhat.com/security/cve/CVE-2022-41032 https://bugzilla.redhat.com/sho • CWE-524: Use of Cache Containing Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2022-38013 – .NET Core and Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-38013
.NET Core and Visual Studio Denial of Service Vulnerability Una vulnerabilidad de Denegación de Servicio en .NET Core and Visual Studio • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7HCV4TQGOTOFHO5ETRKGFKAGYV2YAUVE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JA6F4CDKLI3MALV6UK3P2DR5AGCLTT7Y https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4K5YL7USOKIR3O2DUKBZMYPWXYPDKXG https://lists.fedoraproject.org/archives/list/package-announce%40li • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 2%CPEs: 8EXPL: 0CVE-2022-35827 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35827
Visual Studio Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Visual Studio. Este ID de CVE es diferente de CVE-2022-35777, CVE-2022-35825, CVE-2022-35826 • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35827 •
CVSS: 8.8EPSS: 2%CPEs: 8EXPL: 0CVE-2022-35826 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35826
Visual Studio Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Visual Studio. Este ID de CVE es diferente de CVE-2022-35777, CVE-2022-35825, CVE-2022-35827 • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35826 •
CVSS: 8.8EPSS: 2%CPEs: 8EXPL: 0CVE-2022-35825 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35825
Visual Studio Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Visual Studio. Este ID de CVE es diferente de CVE-2022-35777, CVE-2022-35826, CVE-2022-35827 This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Visual Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. Crafted data in an FBX file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35825 •