CVE-2023-33126 – .NET and Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-33126
.NET and Visual Studio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33126 •
CVE-2023-32032 – .NET and Visual Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-32032
.NET and Visual Studio Elevation of Privilege Vulnerability A vulnerability was found in dotnet. This issue can cause an elevation of privilege when the TarFile.ExtractToDirectory ignores the extraction directory argument. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32032 https://access.redhat.com/security/cve/CVE-2023-32032 https://bugzilla.redhat.com/show_bug.cgi?id=2212615 • CWE-20: Improper Input Validation •
CVE-2023-28260 – .NET DLL Hijacking Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-28260
.NET DLL Hijacking Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28260 •
CVE-2023-21808 – .NET and Visual Studio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21808
.NET and Visual Studio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21808 • CWE-416: Use After Free •
CVE-2019-1006
https://notcve.org/view.php?id=CVE-2019-1006
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'. Se presenta una vulnerabilidad de omisión de autenticación en Windows Communication Foundation (WCF) y Windows Identity Foundation (WIF), permitiendo la firma de tokens SAML con claves simétricas arbitrarias, también se conoce como "WCF/WIF SAML Token Authentication Bypass Vulnerability". • https://github.com/521526/CVE-2019-1006 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1006 • CWE-295: Improper Certificate Validation •