CVSS: 7.8EPSS: 94%CPEs: 444EXPL: 17CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://github.com/imabee101/CVE-2023-44487 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-43877 – ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-43877
15 Dec 2021 — ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en ASP.NET Core y Visual Studio • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43877 •
CVSS: 7.5EPSS: 2%CPEs: 72EXPL: 0CVE-2019-0657 – dotnet: Domain-spoofing attack in System.Uri
https://notcve.org/view.php?id=CVE-2019-0657
14 Feb 2019 — A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'. Existe una vulnerabilidad en determinadas API de .Net Framework y en Visual Studio en la manera en la que analizan sintácticamente las URL. Esto también se conoce como ".NET Framework and Visual Studio Spoofing Vulnerability". .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and i... • http://www.securityfocus.com/bid/106890 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 11%CPEs: 7EXPL: 0CVE-2014-3802 – Microsoft DIA SDK msdia.dll Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2014-3802
14 May 2014 — msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDB file. msdia.dll en Microsoft Debug Interface Access (DIA) SDK, distribuido en Microsoft Visual Studio anterior a 2013, no valida debidamente una variable no especificada antes ... • http://www.securityfocus.com/bid/67398 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 64%CPEs: 10EXPL: 0CVE-2008-4252
https://notcve.org/view.php?id=CVE-2008-4252
10 Dec 2008 — The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "DataGrid Control Memory Corruption Vulnerability." El control ActiveX DataGrid de Microsoft Visual Basic 6.0 y Visual FoxPro 8.0 SP1, y 9.0 SP1 y SP2, no maneja adecuadamente los errores en ... • http://support.avaya.com/elmodocs2/security/ASA-2008-473.htm • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 64%CPEs: 10EXPL: 0CVE-2008-4253
https://notcve.org/view.php?id=CVE-2008-4253
10 Dec 2008 — The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "FlexGrid Control Memory Corruption Vulnerability." El control ActiveX FlexGrid en Microsoft Visual Basic v6.0, Visual FoxPro v8.0 SP1 y v... • http://support.avaya.com/elmodocs2/security/ASA-2008-473.htm • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 61%CPEs: 10EXPL: 0CVE-2008-4254
https://notcve.org/view.php?id=CVE-2008-4254
10 Dec 2008 — Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted (1) Rows and (2) Cols properties to the (a) ExpandAll and (b) CollapseAll methods, related to access of incorrectly initialized objects and corruption of the "system state," aka "Hierarchical FlexGrid Control Memory Corruption Vulnerability." Múltiples desbordamientos de enteros en el co... • http://secunia.com/secunia_research/2007-72 • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 64%CPEs: 10EXPL: 0CVE-2008-4256
https://notcve.org/view.php?id=CVE-2008-4256
10 Dec 2008 — The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "Charts Control Memory Corruption Vulnerability." El control ActiveX Charts en Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 y 2003 SP1, y V... • http://support.avaya.com/elmodocs2/security/ASA-2008-473.htm • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 53%CPEs: 10EXPL: 2CVE-2008-4255 – Microsoft Animation ActiveX Control Malformed AVI Parsing Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2008-4255
09 Dec 2008 — Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Project 2003 SP3 and 2007 Gold and SP1 allows remote attackers to execute arbitrary code via an AVI file with a crafted stream length, which triggers an "allocation error" and memory corruption, aka "Windows Common AVI Parsing Overflow Vulnerability." Un desbordamie... • https://www.exploit-db.com/exploits/7431 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 81%CPEs: 7EXPL: 4CVE-2008-3704 – Microsoft Visual Studio - 'Msmask32.ocx' ActiveX Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-3704
18 Aug 2008 — Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows remote attackers to execute arbitrary code via a long Mask parameter, related to not "validating property values with boundary checks," as exploited in the wild in August 2008, aka "Masked Edit Control Memory Corruption Vulnerability... • https://www.exploit-db.com/exploits/6244 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •