CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-41119 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-41119
09 Nov 2022 — Visual Studio Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código de Visual Studio • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41119 •
CVSS: 7.8EPSS: 14%CPEs: 11EXPL: 1CVE-2022-41032 – NuGet Client Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-41032
11 Oct 2022 — NuGet Client Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en el cliente NuGet A vulnerability was found in dotnet. This flaw allows an attacker to triage a NuGet cache poisoning on Linux via a world-writable cache directory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions a... • https://github.com/ethomson/cve-2022-41032 • CWE-269: Improper Privilege Management CWE-524: Use of Cache Containing Sensitive Information •
CVSS: 7.8EPSS: 1%CPEs: 11EXPL: 0CVE-2022-38013 – .NET Core and Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-38013
13 Sep 2022 — .NET Core and Visual Studio Denial of Service Vulnerability Una vulnerabilidad de Denegación de Servicio en .NET Core and Visual Studio .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.109 and Runtime 6.0.9. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2CUL3Z7MEED7RFQZVGQL2MTKSFFZKAAY • CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 2%CPEs: 8EXPL: 0CVE-2022-35827 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35827
09 Aug 2022 — Visual Studio Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Visual Studio. Este ID de CVE es diferente de CVE-2022-35777, CVE-2022-35825, CVE-2022-35826 • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35827 •
CVSS: 10.0EPSS: 2%CPEs: 8EXPL: 0CVE-2022-35826 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35826
09 Aug 2022 — Visual Studio Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Visual Studio. Este ID de CVE es diferente de CVE-2022-35777, CVE-2022-35825, CVE-2022-35827 • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35826 •
CVSS: 10.0EPSS: 1%CPEs: 8EXPL: 0CVE-2022-35825 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35825
09 Aug 2022 — Visual Studio Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Visual Studio. Este ID de CVE es diferente de CVE-2022-35777, CVE-2022-35826, CVE-2022-35827 This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Visual Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX fil... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35825 •
CVSS: 10.0EPSS: 2%CPEs: 7EXPL: 0CVE-2022-35777 – Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35777
09 Aug 2022 — Visual Studio Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Visual Studio. Este ID de CVE es diferente de CVE-2022-35825, CVE-2022-35826, CVE-2022-35827 • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35777 •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 0CVE-2022-30184 – .NET and Visual Studio Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-30184
15 Jun 2022 — .NET and Visual Studio Information Disclosure Vulnerability Una Vulnerabilidad de Divulgación de Información en .NET y Visual Studio .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 3.1.420 and .NET Runtime 3.1.26. Issues addressed include a password leak vulnerability. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DMP34G53EA2DBTBLFOAQCDZRRENE2EA2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0CVE-2022-29145 – .NET and Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-29145
10 May 2022 — .NET and Visual Studio Denial of Service Vulnerability Una vulnerabilidad de Denegación de Servicio en .NET y Visual Studio. Este ID de CVE es diferente de CVE-2022-23267, CVE-2022-29117 A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of the ASP.NET FormFeature.cs causing a denial of service when HTML forms are parsed. .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New ve... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO • CWE-551: Incorrect Behavior Order: Authorization Before Parsing and Canonicalization •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0CVE-2022-29117 – .NET and Visual Studio Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-29117
10 May 2022 — .NET and Visual Studio Denial of Service Vulnerability Una vulnerabilidad de Denegación de Servicio en .NET y Visual Studio. Este ID de CVE es diferente de CVE-2022-23267, CVE-2022-29145 A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of a malicious client that can send MyCookie=chunks-2147483647 without the actual cookie chunks, causing large allocations, exceptions, and excess CPU utilization on the server when it tries to read or delete that many chunks. .NET Core is a man... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO • CWE-565: Reliance on Cookies without Validation and Integrity Checking •