nuget

901 tracked vulnerabilities.

CVE-2020-29454 MEDIUM
Umbraco CMS < 8.9.1 - Incorrect Authorization in LogViewer Endpoint
Dec 02, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-17054 MEDIUM
Chakra Scripting Engine - Memory Corruption
Nov 11, 2020
CVSS 4.2
EPSS 0.02
CVE-2020-17048 MEDIUM
Chakra Scripting Engine - Memory Corruption
Nov 11, 2020
CVSS 4.2
EPSS 0.02
CVE-2020-16009 HIGH KEV
CefSharp < 86.0.241 - Remote Code Execution via V8 Type Confusion
Nov 03, 2020
CVSS 8.8
EPSS 0.49
CVE-2020-15999 CRITICAL KEV
Google Chrome < 86.0.4240.111 - Remote Code Execution via Freetype Heap Buffer Overflow
Nov 03, 2020
CVSS 9.6
EPSS 0.51
CVE-2020-28042 MEDIUM
ServiceStack < 5.9.2 - JWT Signature Verification Bypass
Nov 02, 2020
CVSS 5.3
EPSS 0.02
CVE-2020-27998 CRITICAL
FastReport < 2020.4.0 - Missing Authorization for Script Security Features
Oct 29, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-8927 MEDIUM
Brotli < 1.0.8 - Denial of Service via One-Shot Decompression Buffer Overflow
Sep 15, 2020
CVSS 5.3
EPSS 0.03
CVE-2020-1180 MEDIUM
ChakraCore < 1.11.22 - Remote Code Execution via Memory Corruption
Sep 11, 2020
CVSS 4.2
EPSS 0.02
CVE-2020-1172 MEDIUM
ChakraCore < 1.11.22 - Remote Code Execution via Memory Corruption
Sep 11, 2020
CVSS 4.2
EPSS 0.02
CVE-2020-1057 MEDIUM
Microsoft ChakraCore Scripting Engine - Memory Corruption Code Execution
Sep 11, 2020
CVSS 4.2
EPSS 0.02
CVE-2020-1045 HIGH
Microsoft ASP.NET Core - Auth Bypass
Sep 11, 2020
CVSS 7.5
EPSS 0.07
CVE-2020-1597 HIGH
ASP.NET Core - Unauthenticated Denial of Service via Specially Crafted Requests
Aug 17, 2020
CVSS 7.5
EPSS 0.07
CVE-2020-7685 MEDIUM
Umbraco Forms - Insecure Default File Upload Configuration
Jul 28, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-1469 HIGH
Bond 3.0.0-9.0.0 - Denial of Service via Improper Input Parsing
Jul 14, 2020
CVSS 7.5
EPSS 0.05
CVE-2020-1147 HIGH KEV
.NET Framework, SharePoint Server, and Visual Studio - Remote Code Execution via XML Input Deserialization
Jul 14, 2020
CVSS 7.8
EPSS 0.94
CVE-2020-15015 MEDIUM
GleamTech FileUltimate 6.1.5.0 - XSS
Jun 24, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-1073 HIGH
Microsoft Edge and ChakraCore < 1.11.20 - Remote Code Execution via Memory Corruption
Jun 09, 2020
CVSS 8.1
EPSS 0.09
CVE-2020-1161 HIGH
ASP.NET Core - Denial of Service via Improper Web Request Handling
May 21, 2020
CVSS 7.5
EPSS 0.06
CVE-2020-1108 HIGH
.NET Core >=2.1 <2.1.18 and .NET Framework - Denial of Service via Web Request Handling
May 21, 2020
CVSS 7.5
EPSS 0.12
CVE-2020-1065 HIGH
ChakraCore < 1.11.19 - Remote Code Execution via Memory Corruption
May 21, 2020
CVSS 7.5
EPSS 0.08
CVE-2020-1037 HIGH
Microsoft Edge - Remote Code Execution via Chakra Scripting Engine Memory Corruption
May 21, 2020
CVSS 7.5
EPSS 0.08
CVE-2020-7656 MEDIUM
jQuery < 1.9.0 - Cross-Site Scripting via Load Method
May 19, 2020
CVSS 6.1
EPSS 0.06
CVE-2020-11022 MEDIUM
jQuery 1.12.0-3.4.1 - Cross-Site Scripting via DOM Manipulation Methods
Apr 29, 2020
CVSS 6.9
EPSS 0.99
CVE-2020-11023 MEDIUM KEV
jQuery <3.5.0 - XSS
Apr 29, 2020
CVSS 6.9
EPSS 0.84