nuget

842 tracked vulnerabilities.

CVE-2023-33128 HIGH
Microsoft .NET and Visual Studio - Use-After-Free Remote Code Execution
Jun 14, 2023
CVSS 7.3
EPSS 0.01
CVE-2023-33126 HIGH
Microsoft .NET 6/7 and Visual Studio - Remote Code Execution
Jun 14, 2023
CVSS 7.3
EPSS 0.01
CVE-2023-34230 HIGH
snowflake-connector-net < 2.0.18 - Remote Code Execution via SSO URL Authentication
Jun 08, 2023
CVSS 7.3
EPSS 0.04
CVE-2023-2862 LOW
SiteServer CMS < 7.2.1 - Cross-Site Scripting via ajaxDivId Parameter
May 24, 2023
CVSS 3.5
EPSS 0.01
CVE-2023-31287 HIGH
Serenity Serene <6.7.0 - Info Disclosure
Apr 27, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-31286 MEDIUM
Serenity Serene <6.7.0 - Info Disclosure
Apr 27, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-31285 MEDIUM
Serenity Serene < 6.7.0 - Stored Cross-Site Scripting via HTML File Upload
Apr 27, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-30626 HIGH
Jellyfin 10.8.0-10.8.9 - Path Traversal and Arbitrary File Write via ClientLogController
Apr 24, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-28260 HIGH
.NET 6.0.0-6.0.15 and 7.0.0-7.0.4 - Remote Code Execution via DLL Hijacking
Apr 11, 2023
CVSS 7.8
EPSS 0.02
CVE-2023-28638 HIGH
Snappier 1.1.0 - Buffer Overrun via Garbage Collection Compaction
Mar 27, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-1289 MEDIUM
ImageMagick < 7.1.1-0 - Denial of Service via Crafted SVG File
Mar 23, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-21808 HIGH
Microsoft .NET Framework and Visual Studio - Use-After-Free Remote Code Execution
Feb 14, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-0493 MEDIUM
BTCPay Server < 1.7.5 - HTML Injection
Jan 26, 2023
CVSS 5.3
EPSS 0.10
CVE-2023-21893 HIGH
Oracle Data Provider for .NET <21c - RCE
Jan 18, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-21538 HIGH
.NET - Denial of Service via Untrusted Data Deserialization
Jan 10, 2023
CVSS 7.5
EPSS 0.01
CVE-2022-23535 HIGH
LiteDB < 5.0.13 - Deserialization of Untrusted Data via BsonDocument _type Field
Feb 24, 2023
CVSS 7.3
EPSS 0.01
CVE-2022-48282 MEDIUM
MongoDB C# Driver < 2.19.0 - Authenticated Remote Code Execution via Untrusted Data Deserialization
Feb 21, 2023
CVSS 6.6
EPSS 0.01
CVE-2022-41089 HIGH
.NET Framework - Remote Code Execution
Dec 13, 2022
CVSS 7.8
EPSS 0.05
CVE-2022-23494 MEDIUM
TinyMCE < 5.10.7 and 6.0.0-6.3.1 - Cross-Site Scripting via Alert and Confirm Dialogs
Dec 08, 2022
CVSS 5.4
EPSS 0.02
CVE-2022-41954 LOW
mpxj < 10.14.1 - Insecure Temporary File Permissions on Unix-like Systems
Nov 25, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-41064 MEDIUM
.NET Framework - Information Disclosure
Nov 09, 2022
CVSS 5.8
EPSS 0.00
CVE-2022-41032 HIGH
NuGet Client - Privilege Escalation
Oct 11, 2022
CVSS 7.8
EPSS 0.20
CVE-2022-32173 MEDIUM
OrchardCore 1.0.0-rc1-11259-1.2.2 - Authenticated HTML Injection in Dashboard
Oct 03, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-2922 MEDIUM
Dnnsoftware Dotnetnuke < 9.11.0 - Path Traversal
Sep 30, 2022
CVSS 4.9
EPSS 0.00
CVE-2022-39256 CRITICAL
Orckestra C1 CMS < 6.13 - Authenticated Remote Code Execution via Untrusted Data Deserialization
Sep 27, 2022
CVSS 9.0
EPSS 0.02
Products
Microsoft.ChakraCore 247 Magick.NET-Q16-AnyCPU 86 Magick.NET-Q16-HDRI-AnyCPU 86 Magick.NET-Q8-AnyCPU 86 Magick.NET-Q16-HDRI-x86 85 Magick.NET-Q16-x86 85 Magick.NET-Q8-x86 84 Magick.NET-Q16-HDRI-OpenMP-arm64 83 Magick.NET-Q16-HDRI-x64 83 Magick.NET-Q16-OpenMP-arm64 83 Magick.NET-Q16-OpenMP-x64 83 Magick.NET-Q16-arm64 83 Magick.NET-Q16-HDRI-arm64 82 Magick.NET-Q8-OpenMP-arm64 82 Magick.NET-Q8-arm64 82 Magick.NET-Q16-x64 79 Magick.NET-Q8-OpenMP-x64 79 Magick.NET-Q8-x64 76 Magick.NET-Q16-HDRI-OpenMP-x64 69 Magick.NET-Q16-OpenMP-x86 57 DotNetNuke.Core 35 Microsoft.AspNetCore.App.Runtime.win-x64 25 Microsoft.AspNetCore.App.Runtime.win-x86 25 Microsoft.AspNetCore.App.Runtime.win-arm 24 Microsoft.AspNetCore.App.Runtime.linux-arm 22 Microsoft.AspNetCore.App.Runtime.linux-arm64 22 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 22 Microsoft.AspNetCore.App.Runtime.linux-x64 22 Microsoft.AspNetCore.App.Runtime.osx-x64 22 Microsoft.AspNetCore.App.Runtime.win-arm64 22
Quick Filters
Critical CVEs With Exploits In CISA KEV