CVSS: 7.5EPSS: 2%CPEs: 4EXPL: 0CVE-2019-1301 – dotnet: System.Net.Sockets.dll Socket.ConnectAsync Denial of Service
https://notcve.org/view.php?id=CVE-2019-1301
11 Sep 2019 — A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'. Se presenta una vulnerabilidad de denegación de servicio cuando .NET Core maneja inapropiadamente las peticiones web, también se conoce como ".NET Core Denial of Service Vulnerability". NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that addre... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1301 • CWE-20: Improper Input Validation •
CVSS: 4.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-1167
https://notcve.org/view.php?id=CVE-2019-1167
19 Jul 2019 — A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'. Se presenta una vulnerabilidad de omisión de característica de seguridad en Windows Defender Application Control (WDAC), que podría permitir a un atacante omitir la aplicación de WDAC, también se conoce como "Windows Defender Application Control Security Feature Bypass Vulnerab... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1167 •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2019-0627
https://notcve.org/view.php?id=CVE-2019-0627
05 Mar 2019 — A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632. Existe una vulnerabilidad de omisión de la característica de seguridad en Windows que podría permitir que un atacante omita Device Guard. Esto también se conoce como "Windows Security Feature Bypass Vulnerability". El ID de este CVE es diferente de CVE-2019-0631 y CVE-2019-0632. • http://www.securityfocus.com/bid/106857 •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2019-0631
https://notcve.org/view.php?id=CVE-2019-0631
05 Mar 2019 — A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0632. Existe una vulnerabilidad de omisión de la característica de seguridad en Windows que podría permitir que un atacante omita Device Guard. Esto también se conoce como "Windows Security Feature Bypass Vulnerability". El ID de este CVE es diferente de CVE-2019-0627 y CVE-2019-0632. • http://www.securityfocus.com/bid/106875 •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2019-0632
https://notcve.org/view.php?id=CVE-2019-0632
05 Mar 2019 — A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631. Existe una vulnerabilidad de omisión de la característica de seguridad en Windows que podría permitir que un atacante omita Device Guard. Esto también se conoce como "Windows Security Feature Bypass Vulnerability". El ID de este CVE es diferente de CVE-2019-0627 y CVE-2019-0631. • http://www.securityfocus.com/bid/106880 •
CVSS: 7.5EPSS: 2%CPEs: 72EXPL: 0CVE-2019-0657 – dotnet: Domain-spoofing attack in System.Uri
https://notcve.org/view.php?id=CVE-2019-0657
14 Feb 2019 — A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'. Existe una vulnerabilidad en determinadas API de .Net Framework y en Visual Studio en la manera en la que analizan sintácticamente las URL. Esto también se conoce como ".NET Framework and Visual Studio Spoofing Vulnerability". .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and i... • http://www.securityfocus.com/bid/106890 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 17%CPEs: 20EXPL: 0CVE-2018-8256
https://notcve.org/view.php?id=CVE-2018-8256
14 Nov 2018 — A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, Windows Server 2008 R2, Windows Server 2019, Windows 7, Windows Server 2012 R2, PowerShell Core 6.1, Windows 10 Servers, Windows 10, Windows 8.1. Existe una vulnerabilidad de ejecución remota de código cuando Powe... • http://www.securityfocus.com/bid/105781 •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2018-8415
https://notcve.org/view.php?id=CVE-2018-8415
14 Nov 2018 — A tampering vulnerability exists in PowerShell that could allow an attacker to execute unlogged code, aka "Microsoft PowerShell Tampering Vulnerability." This affects Windows 7, PowerShell Core 6.1, Windows Server 2012 R2, Windows RT 8.1, PowerShell Core 6.0, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. Existe una vulnerabilidad de falsificación en PowerShell que podría permitir que un atacante ejecute código no registrad... • http://www.securityfocus.com/bid/105792 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.5EPSS: 0%CPEs: 60EXPL: 0CVE-2018-8356 – Microsoft Security Bulletin CVE Revision Increment for July, 2018
https://notcve.org/view.php?id=CVE-2018-8356
11 Jul 2018 — A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, ASP.NET Core 1.1, Microsoft .NET Framework 4.5.2, ASP.NET Core 2.0, ASP.NET Core 1.0, .NET Core 1.1, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET C... • http://www.securityfocus.com/bid/104664 • CWE-295: Improper Certificate Validation •