nuget

842 tracked vulnerabilities.

CVE-2020-1172 MEDIUM
ChakraCore < 1.11.22 - Remote Code Execution via Memory Corruption
Sep 11, 2020
CVSS 4.2
EPSS 0.02
CVE-2020-1057 MEDIUM
Microsoft ChakraCore Scripting Engine - Memory Corruption Code Execution
Sep 11, 2020
CVSS 4.2
EPSS 0.02
CVE-2020-1045 HIGH
Microsoft ASP.NET Core - Auth Bypass
Sep 11, 2020
CVSS 7.5
EPSS 0.20
CVE-2020-1597 HIGH
ASP.NET Core - Unauthenticated Denial of Service via Specially Crafted Requests
Aug 17, 2020
CVSS 7.5
EPSS 0.08
CVE-2020-7685 MEDIUM
Umbraco Forms - Insecure Default File Upload Configuration
Jul 28, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-1469 HIGH
Bond 3.0.0-9.0.0 - Denial of Service via Improper Input Parsing
Jul 14, 2020
CVSS 7.5
EPSS 0.06
CVE-2020-1147 HIGH KEV
.NET Framework, SharePoint Server, and Visual Studio - Remote Code Execution via XML Input Deserialization
Jul 14, 2020
CVSS 7.8
EPSS 0.93
CVE-2020-15015 MEDIUM
GleamTech FileUltimate 6.1.5.0 - XSS
Jun 24, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-1073 HIGH
Microsoft Edge and ChakraCore < 1.11.20 - Remote Code Execution via Memory Corruption
Jun 09, 2020
CVSS 8.1
EPSS 0.16
CVE-2020-1161 HIGH
ASP.NET Core - Denial of Service via Improper Web Request Handling
May 21, 2020
CVSS 7.5
EPSS 0.04
CVE-2020-1108 HIGH
.NET Core >=2.1 <2.1.18 and .NET Framework - Denial of Service via Web Request Handling
May 21, 2020
CVSS 7.5
EPSS 0.04
CVE-2020-1065 HIGH
ChakraCore < 1.11.19 - Remote Code Execution via Memory Corruption
May 21, 2020
CVSS 7.5
EPSS 0.05
CVE-2020-1037 HIGH
Microsoft Edge - Remote Code Execution via Chakra Scripting Engine Memory Corruption
May 21, 2020
CVSS 7.5
EPSS 0.04
CVE-2020-7656 MEDIUM
jQuery < 1.9.0 - Cross-Site Scripting via Load Method
May 19, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-11022 MEDIUM
jQuery 1.12.0-3.4.1 - Cross-Site Scripting via DOM Manipulation Methods
Apr 29, 2020
CVSS 6.9
EPSS 0.02
CVE-2020-11023 MEDIUM KEV
jQuery <3.5.0 - XSS
Apr 29, 2020
CVSS 6.9
EPSS 0.35
CVE-2020-8867 HIGH
OPC Foundation UA .NET Standard 1.04.358.30 - DoS
Apr 22, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-5268 MEDIUM
Sustainsys.Saml2 < 1.0.2 and 2.0.0-2.6.0 - Improper Authentication via Token Subject Confirmation Bypass
Apr 21, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-0970 HIGH
ChakraCore < 1.11.18 - Remote Code Execution via Memory Corruption
Apr 15, 2020
CVSS 7.5
EPSS 0.38
CVE-2020-0969 HIGH
Microsoft Edge - Remote Code Execution via Chakra Scripting Engine Memory Corruption
Apr 15, 2020
CVSS 7.5
EPSS 0.38
CVE-2020-11005 MEDIUM
WindowsHello <1.0.4 - Info Disclosure
Apr 14, 2020
CVSS 5.1
EPSS 0.00
CVE-2020-5261 HIGH
Sustainsys.Saml2 >2.0.0 <2.5.0 - Privilege Escalation
Mar 25, 2020
CVSS 8.2
EPSS 0.00
CVE-2020-9472 MEDIUM
Umbraco CMS < 8.5.4 - Authenticated Remote Code Execution via Install Package File Upload
Mar 16, 2020
CVSS 6.5
EPSS 0.02
CVE-2020-9471 HIGH
Umbraco CMS 8.5.3 - Authenticated Remote Code Execution via Install Packages File Upload
Mar 16, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-0848 HIGH
ChakraCore < 1.11.17 - Remote Code Execution via Memory Corruption
Mar 12, 2020
CVSS 7.5
EPSS 0.04
Products
Microsoft.ChakraCore 247 Magick.NET-Q16-AnyCPU 86 Magick.NET-Q16-HDRI-AnyCPU 86 Magick.NET-Q8-AnyCPU 86 Magick.NET-Q16-HDRI-x86 85 Magick.NET-Q16-x86 85 Magick.NET-Q8-x86 84 Magick.NET-Q16-HDRI-OpenMP-arm64 83 Magick.NET-Q16-HDRI-x64 83 Magick.NET-Q16-OpenMP-arm64 83 Magick.NET-Q16-OpenMP-x64 83 Magick.NET-Q16-arm64 83 Magick.NET-Q16-HDRI-arm64 82 Magick.NET-Q8-OpenMP-arm64 82 Magick.NET-Q8-arm64 82 Magick.NET-Q16-x64 79 Magick.NET-Q8-OpenMP-x64 79 Magick.NET-Q8-x64 76 Magick.NET-Q16-HDRI-OpenMP-x64 69 Magick.NET-Q16-OpenMP-x86 57 DotNetNuke.Core 35 Microsoft.AspNetCore.App.Runtime.win-x64 25 Microsoft.AspNetCore.App.Runtime.win-x86 25 Microsoft.AspNetCore.App.Runtime.win-arm 24 Microsoft.AspNetCore.App.Runtime.linux-arm 22 Microsoft.AspNetCore.App.Runtime.linux-arm64 22 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 22 Microsoft.AspNetCore.App.Runtime.linux-x64 22 Microsoft.AspNetCore.App.Runtime.osx-x64 22 Microsoft.AspNetCore.App.Runtime.win-arm64 22
Quick Filters
Critical CVEs With Exploits In CISA KEV