nuget

901 tracked vulnerabilities.

CVE-2021-42655 HIGH
SiteServer CMS 6.15.51 - SQL Injection
May 24, 2022
CVSS 8.8
EPSS 0.01
CVE-2021-33318 CRITICAL
Joel Christner .NET C# packages - Input Validation Vulnerability
May 16, 2022
CVSS 9.8
EPSS 0.02
CVE-2021-46703 CRITICAL
Antaris RazorEngine <4.5.1-alpha001 - RCE
Mar 06, 2022
CVSS 9.8
EPSS 0.02
CVE-2021-32841 MEDIUM
SharpZipLib <1.3.3 - Path Traversal
Jan 26, 2022
CVSS 4.0
EPSS 0.01
CVE-2021-32842 MEDIUM
SharpZipLib <1.3.3 - Path Traversal
Jan 26, 2022
CVSS 4.0
EPSS 0.01
CVE-2021-32840 HIGH
SharpZipLib <1.3.3 - Path Traversal
Jan 26, 2022
CVSS 7.3
EPSS 0.02
CVE-2021-22570 MEDIUM
Google Protobuf < 3.15.0 - Null Pointer Dereference via Proto Symbol Parsing
Jan 26, 2022
CVSS 6.5
EPSS 0.03
CVE-2021-43045 HIGH
Apache Avro < 1.11.0 - Denial of Service via Resource Allocation
Jan 06, 2022
CVSS 7.5
EPSS 0.03
CVE-2021-43853 HIGH
Ajax.NET Professional < 21.12.22.1 - JavaScript Object Injection via JSON Parsing
Dec 22, 2021
CVSS 8.7
EPSS 0.01
CVE-2021-23758 HIGH
ajaxpro.2 < 21.10.30.1 and AjaxNetProfessional < 21.11.29.1 - Remote Code Execution via Untrusted Data Deserialization
Dec 03, 2021
CVSS 8.1
EPSS 0.89
CVE-2021-44150 HIGH
tusdotnet < 2.5.0 - Inadequate Encryption Strength via SHA-1
Nov 22, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-25976 HIGH
PiranhaCMS 4.0.0-alpha1-9.2.0 - Cross-Site Request Forgery
Nov 16, 2021
CVSS 8.1
EPSS 0.00
CVE-2021-42279 MEDIUM
Microsoft ChakraCore - Out-of-bounds Write in Scripting Engine
Nov 10, 2021
CVSS 4.2
EPSS 0.02
CVE-2021-43569 CRITICAL
Stark Bank .NET ECDSA <1.3.1 - Code Injection
Nov 09, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-41238 HIGH
Hangfire 1.7.25 - Missing Authorization in Dashboard UI
Nov 02, 2021
CVSS 8.6
EPSS 0.01
CVE-2021-41184 MEDIUM
jQuery UI < 1.13.0 - Cross-Site Scripting via Position Utility 'of' Option
Oct 26, 2021
CVSS 6.5
EPSS 0.45
CVE-2021-41183 MEDIUM
jQuery UI < 1.13.0 - Cross-Site Scripting via Datepicker Widget *Text Options
Oct 26, 2021
CVSS 6.5
EPSS 0.08
CVE-2021-41182 MEDIUM
jQuery UI < 1.13.0 - Cross-Site Scripting via Datepicker altField Option
Oct 26, 2021
CVSS 6.5
EPSS 0.42
CVE-2021-25977 MEDIUM
Piranha CMS 7.0.0-9.1.1 - Stored Cross-Site Scripting via Page Title
Oct 25, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-41355 MEDIUM
.NET Core and Visual Studio - Information Disclosure
Oct 13, 2021
CVSS 5.7
EPSS 0.20
CVE-2021-31819 CRITICAL
Halibut < 4.4.7 - Remote Code Execution via Deserialization
Sep 22, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-39208 MEDIUM
SharpCompress < 0.29.0 - Path Traversal via Destination Directory Slash Omission
Sep 16, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-23440 HIGH
set-value < 2.0.1 and 3.0.0-4.0.1 - Type Confusion via Array Path Parameter
Sep 12, 2021
CVSS 7.3
EPSS 0.02
CVE-2021-23428 HIGH
elFinder.NetCore - Path Traversal via Path.Combine
Sep 01, 2021
CVSS 8.6
EPSS 0.02
CVE-2021-23427 HIGH
elFinder.NetCore - Path Traversal and Arbitrary File Write via ExtractAsync Function
Sep 01, 2021
CVSS 8.6
EPSS 0.01