nuget

842 tracked vulnerabilities.

CVE-2024-41132 MEDIUM
ImageSharp < 2.1.9 - Denial of Service via Gif Decoder
Jul 22, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-41131 HIGH
ImageSharp 2.1.0-2.1.8 - Out-of-bounds Write in GIF Decoder
Jul 22, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-40636 MEDIUM
Steeltoe.Discovery.Eureka < 3.2.8 - Sensitive Information Exposure in Log Files via Eureka Server Service URLs
Jul 17, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-38095 HIGH
.NET 8.0.0-8.0.6 - Denial of Service
Jul 09, 2024
CVSS 7.5
EPSS 0.02
CVE-2024-38081 HIGH
Microsoft .NET and .NET Framework - Elevation of Privilege
Jul 09, 2024
CVSS 7.3
EPSS 0.01
CVE-2024-35264 HIGH
.NET 8.0.0-8.0.6 - Remote Code Execution via Use-After-Free
Jul 09, 2024
CVSS 8.1
EPSS 0.04
CVE-2024-30105 HIGH
.NET 8.0.0-8.0.6 and Visual Studio 2022 17.4.0-17.4.20 - Denial of Service
Jul 09, 2024
CVSS 7.5
EPSS 0.02
CVE-2024-39677 MEDIUM
NHibernate < 5.4.9 - SQL Injection via ILiteralType.ObjectToSQLString
Jul 08, 2024
CVSS 5.9
EPSS 0.01
CVE-2024-33862 HIGH
OPCFoundation.NetStandard.Opc.Ua.Core < 1.5.374.54 - Denial of Service via Excessive Message Buffer Allocation
Jul 05, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-38357 MEDIUM
TinyMCE <7.2.0, <6.8.4, <5.11.0 - XSS
Jun 19, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-38356 MEDIUM
TinyMCE <7.2.0, <6.8.4, <5.11.0 - XSS
Jun 19, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-35255 MEDIUM
Microsoft Authentication Library and Azure Identity SDK - Elevation of Privilege via Race Condition
Jun 11, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-35252 HIGH
Azure Storage Data Movement Library < 2.0.5 - Denial of Service
Jun 11, 2024
CVSS 7.5
EPSS 0.05
CVE-2024-35240 MEDIUM
Umbraco.Commerce 12.0.0-12.1.3 and < 10.0.5 - Stored Cross-Site Scripting in Print Functionality
May 28, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-35239 LOW
Umbraco Forms <8.13.13, 13.0.0-13.0.1 - Authenticated Stored Cross-Site Scripting in Forms Components
May 28, 2024
CVSS 2.7
EPSS 0.01
CVE-2024-35218 MEDIUM
Umbraco CMS 8.0.0-8.18.13 - Stored Cross-Site Scripting
May 21, 2024
CVSS 4.2
EPSS 0.01
CVE-2024-34071 MEDIUM
Umbraco CMS 8.18.5-8.18.14 - Authenticated Open Redirect
May 21, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-30054 MEDIUM
Microsoft Power BI Client JavaScript SDK - Info Disclosure
May 14, 2024
CVSS 6.5
EPSS 0.12
CVE-2024-30046 MEDIUM
.NET 7.0.0-7.0.18 and Visual Studio 2022 17.4.0-17.4.18 - Denial of Service
May 14, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-30045 MEDIUM
Microsoft .NET and Visual Studio - Buffer Overflow Remote Code Execution
May 14, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-32655 HIGH
Npgsql SQL Injection via Integer Overflow in WriteBind
May 14, 2024
CVSS 8.1
EPSS 0.02
CVE-2024-30172 HIGH
Bouncy Castle <1.78 - Info Disclosure
May 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-30171 MEDIUM
Bouncy Castle Java TLS API & JSSE Provider <1.78 - Info Disclosure
May 14, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-29857 HIGH
Bouncy Castle Java <1.78 - DoS
May 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-32872 MEDIUM
Umbraco.Workflow < 10.3.9, < 12.2.6, < 13.0.6 - Authenticated SQL Injection via API Endpoint
Apr 24, 2024
CVSS 5.5
EPSS 0.00
Products
Microsoft.ChakraCore 247 Magick.NET-Q16-AnyCPU 86 Magick.NET-Q16-HDRI-AnyCPU 86 Magick.NET-Q8-AnyCPU 86 Magick.NET-Q16-HDRI-x86 85 Magick.NET-Q16-x86 85 Magick.NET-Q8-x86 84 Magick.NET-Q16-HDRI-OpenMP-arm64 83 Magick.NET-Q16-HDRI-x64 83 Magick.NET-Q16-OpenMP-arm64 83 Magick.NET-Q16-OpenMP-x64 83 Magick.NET-Q16-arm64 83 Magick.NET-Q16-HDRI-arm64 82 Magick.NET-Q8-OpenMP-arm64 82 Magick.NET-Q8-arm64 82 Magick.NET-Q16-x64 79 Magick.NET-Q8-OpenMP-x64 79 Magick.NET-Q8-x64 76 Magick.NET-Q16-HDRI-OpenMP-x64 69 Magick.NET-Q16-OpenMP-x86 57 DotNetNuke.Core 35 Microsoft.AspNetCore.App.Runtime.win-x64 25 Microsoft.AspNetCore.App.Runtime.win-x86 25 Microsoft.AspNetCore.App.Runtime.win-arm 24 Microsoft.AspNetCore.App.Runtime.linux-arm 22 Microsoft.AspNetCore.App.Runtime.linux-arm64 22 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 22 Microsoft.AspNetCore.App.Runtime.linux-x64 22 Microsoft.AspNetCore.App.Runtime.osx-x64 22 Microsoft.AspNetCore.App.Runtime.win-arm64 22
Quick Filters
Critical CVEs With Exploits In CISA KEV