nuget

842 tracked vulnerabilities.

CVE-2021-26701 HIGH
.NET Core 2.1 < 2.1.28 and .NET 5.0 < 5.0.4 - Remote Code Execution
Feb 25, 2021
CVSS 8.1
EPSS 0.03
CVE-2021-24112 HIGH
Microsoft .NET System.Drawing.Common - Remote Code Execution
Feb 25, 2021
CVSS 8.1
EPSS 0.01
CVE-2021-1721 MEDIUM
.NET 5.0 < 5.0.2 and .NET Core 2.1 < 2.1.24 - Denial of Service
Feb 25, 2021
CVSS 6.5
EPSS 0.09
CVE-2021-21252 MEDIUM
jQuery Validation Plugin <1.19.3 - DoS
Jan 13, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-1723 HIGH
ASP.NET Core 3.1-3.1.10 - Denial of Service
Jan 12, 2021
CVSS 7.5
EPSS 0.04
CVE-2020-36620 LOW
Brondahl EnumStringValues <4.0.0 - DoS
Dec 21, 2022
CVSS 3.5
EPSS 0.00
CVE-2020-15522 MEDIUM
Bouncycastle Bc-csharp < 1.8.7 - Race Condition
May 20, 2021
CVSS 5.9
EPSS 0.00
CVE-2020-29457 MEDIUM
OPC UA .NET Standard Stack <1.4.363.107 - Privilege Escalation
Feb 16, 2021
CVSS 4.4
EPSS 0.00
CVE-2020-16017 CRITICAL KEV
Google Chrome < 86.0.4240.198 - Use-After-Free in Site Isolation
Jan 08, 2021
CVSS 9.6
EPSS 0.21
CVE-2020-16013 HIGH KEV
Google Chrome < 86.0.4240.198 - Out-of-bounds Write via Crafted HTML Page
Jan 08, 2021
CVSS 8.8
EPSS 0.26
CVE-2020-26293 MEDIUM
HtmlSanitizer < 5.0.372 - Cross-Site Scripting Bypass via Style Tag
Jan 04, 2021
CVSS 6.1
EPSS 0.00
CVE-2020-5811 MEDIUM
Umbraco CMS <=8.9.1 - Path Traversal
Dec 30, 2020
CVSS 6.5
EPSS 0.03
CVE-2020-5809 MEDIUM
Umbraco CMS <= 8.9.1 - Authenticated Stored Cross-Site Scripting via TinyMCE Iframe Injection
Dec 30, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-20136 CRITICAL
QuantConnect Lean 2.3.0.0-2.4.0.1 - Deserialization of Untrusted Data via Json.NET TypeNameHandling Misconfiguration
Dec 14, 2020
CVSS 9.8
EPSS 0.00
CVE-2020-7791 HIGH
i18n <2.1.15 - Info Disclosure
Dec 11, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-17131 MEDIUM
Chakra Scripting Engine - Memory Corruption
Dec 10, 2020
CVSS 4.2
EPSS 0.01
CVE-2020-29454 MEDIUM
Umbraco CMS < 8.9.1 - Incorrect Authorization in LogViewer Endpoint
Dec 02, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-17054 MEDIUM
Chakra Scripting Engine - Memory Corruption
Nov 11, 2020
CVSS 4.2
EPSS 0.02
CVE-2020-17048 MEDIUM
Chakra Scripting Engine - Memory Corruption
Nov 11, 2020
CVSS 4.2
EPSS 0.02
CVE-2020-16009 HIGH KEV
CefSharp < 86.0.241 - Remote Code Execution via V8 Type Confusion
Nov 03, 2020
CVSS 8.8
EPSS 0.84
CVE-2020-15999 CRITICAL KEV
Google Chrome < 86.0.4240.111 - Remote Code Execution via Freetype Heap Buffer Overflow
Nov 03, 2020
CVSS 9.6
EPSS 0.93
CVE-2020-28042 MEDIUM
ServiceStack < 5.9.2 - JWT Signature Verification Bypass
Nov 02, 2020
CVSS 5.3
EPSS 0.36
CVE-2020-27998 CRITICAL
FastReport < 2020.4.0 - Missing Authorization for Script Security Features
Oct 29, 2020
CVSS 9.8
EPSS 0.01
CVE-2020-8927 MEDIUM
Brotli < 1.0.8 - Denial of Service via One-Shot Decompression Buffer Overflow
Sep 15, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-1180 MEDIUM
ChakraCore < 1.11.22 - Remote Code Execution via Memory Corruption
Sep 11, 2020
CVSS 4.2
EPSS 0.02
Products
Microsoft.ChakraCore 247 Magick.NET-Q16-AnyCPU 86 Magick.NET-Q16-HDRI-AnyCPU 86 Magick.NET-Q8-AnyCPU 86 Magick.NET-Q16-HDRI-x86 85 Magick.NET-Q16-x86 85 Magick.NET-Q8-x86 84 Magick.NET-Q16-HDRI-OpenMP-arm64 83 Magick.NET-Q16-HDRI-x64 83 Magick.NET-Q16-OpenMP-arm64 83 Magick.NET-Q16-OpenMP-x64 83 Magick.NET-Q16-arm64 83 Magick.NET-Q16-HDRI-arm64 82 Magick.NET-Q8-OpenMP-arm64 82 Magick.NET-Q8-arm64 82 Magick.NET-Q16-x64 79 Magick.NET-Q8-OpenMP-x64 79 Magick.NET-Q8-x64 76 Magick.NET-Q16-HDRI-OpenMP-x64 69 Magick.NET-Q16-OpenMP-x86 57 DotNetNuke.Core 35 Microsoft.AspNetCore.App.Runtime.win-x64 25 Microsoft.AspNetCore.App.Runtime.win-x86 25 Microsoft.AspNetCore.App.Runtime.win-arm 24 Microsoft.AspNetCore.App.Runtime.linux-arm 22 Microsoft.AspNetCore.App.Runtime.linux-arm64 22 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 22 Microsoft.AspNetCore.App.Runtime.linux-x64 22 Microsoft.AspNetCore.App.Runtime.osx-x64 22 Microsoft.AspNetCore.App.Runtime.win-arm64 22
Quick Filters
Critical CVEs With Exploits In CISA KEV