Page 6 of 30 results (0.008 seconds)

CVSS: 7.3EPSS: 0%CPEs: 6EXPL: 0

.NET and Visual Studio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33126 •

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

.NET and Visual Studio Elevation of Privilege Vulnerability A vulnerability was found in dotnet. This issue can cause an elevation of privilege when the TarFile.ExtractToDirectory ignores the extraction directory argument. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32032 https://access.redhat.com/security/cve/CVE-2023-32032 https://bugzilla.redhat.com/show_bug.cgi?id=2212615 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

.NET DLL Hijacking Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28260 •

CVSS: 7.8EPSS: 0%CPEs: 96EXPL: 0

.NET and Visual Studio Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21808 • CWE-416: Use After Free •

CVSS: 7.5EPSS: 0%CPEs: 91EXPL: 1

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'. Se presenta una vulnerabilidad de omisión de autenticación en Windows Communication Foundation (WCF) y Windows Identity Foundation (WIF), permitiendo la firma de tokens SAML con claves simétricas arbitrarias, también se conoce como "WCF/WIF SAML Token Authentication Bypass Vulnerability". • https://github.com/521526/CVE-2019-1006 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1006 • CWE-295: Improper Certificate Validation •