nuget

842 tracked vulnerabilities.

CVE-2025-52485 MEDIUM
Dnnsoftware Dotnetnuke < 10.0.1 - XSS
Jun 21, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-49015 MEDIUM
Couchbase .NET SDK <3.7.1 - SSL/TLS Info Disclosure
Jun 18, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-30399 HIGH
.NET & Visual Studio - Code Injection
Jun 13, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-48953 MEDIUM
Umbraco <15.4.2,16.0.0 - File Upload
Jun 03, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-48378 MEDIUM
DNN <9.13.9 - Cross-Site Scripting
May 23, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-48377 MEDIUM
DNN <9.13.9 - Cross-Site Scripting
May 23, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-48376 LOW
DNN < 9.13.9 Site Export - SuperUser External URL Import
May 23, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-26646 HIGH
Microsoft .NET, Visual Studio, and Build Tools - Path Spoofing via External Control of File Name or Path
May 13, 2025
CVSS 8.0
EPSS 0.00
CVE-2025-47280 MEDIUM
Umbraco Forms <13.4.2-15.1.2 - Info Disclosure
May 13, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-46736 MEDIUM
Umbraco <10.8.10, <13.8.1 - Info Disclosure
May 06, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-46326 LOW
Snowflake Connector <4.4.1 - Info Disclosure
Apr 28, 2025
CVSS 3.3
EPSS 0.00
CVE-2025-43858 CRITICAL
YoutubeDLSharp 1.0.0-beta4-1.1.1 - Command Injection via Windows Encoding Workaround
Apr 24, 2025
CVSS 9.2
EPSS 0.00
CVE-2025-3857 HIGH
Amazon.IonDotnet < 1.3.1 - Denial of Service via RawBinaryReader Binary Deserialization
Apr 21, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-29953 CRITICAL
Apache ActiveMQ NMS OpenWire Client <2.1.1 - Deserialization
Apr 18, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-32372 MEDIUM
Dnnsoftware Dotnetnuke < 9.13.8 - SSRF
Apr 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-32016 MEDIUM
Microsoft.Identity.Web 3.2.0-3.8.1 - Sensitive Information Exposure in Service Logs
Apr 09, 2025
CVSS 4.7
EPSS 0.00
CVE-2025-32017 HIGH
Umbraco CMS 14.0.0-14.3.3 - Authenticated Path Traversal via Management API
Apr 08, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-24070 HIGH
ASP.NET Core & Visual Studio - Privilege Escalation
Mar 11, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-24043 HIGH
Windbg < 1.2502.25002.0 - Remote Code Execution via Cryptographic Signature Verification Bypass
Mar 11, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-27602 MEDIUM
Umbraco CMS < 10.8.9 - Authenticated Improper Authorization via Backoffice API URL Manipulation
Mar 11, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-27601 MEDIUM
Umbraco CMS <14.3.3 & Umbraco.Cms.Api.Management 15.0.0-rc1-15.2.3 - Authenticated Improper Authorization
Mar 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-27598 HIGH
ImageSharp < 2.1.10 and 3.0.0-3.1.6 - Out-of-bounds Write in GIF Decoder
Mar 06, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-27513 HIGH
OpenTelemetry.Api 1.10.0-1.11.1 - Denial of Service via Tracestate Header Processing
Mar 05, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-24895 CRITICAL
CIE.AspNetCore.Authentication - Auth Bypass
Feb 18, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-24894 CRITICAL
SPID.AspNetCore.Authentication - Auth Bypass
Feb 18, 2025
CVSS 9.1
EPSS 0.00
Products
Microsoft.ChakraCore 247 Magick.NET-Q16-AnyCPU 86 Magick.NET-Q16-HDRI-AnyCPU 86 Magick.NET-Q8-AnyCPU 86 Magick.NET-Q16-HDRI-x86 85 Magick.NET-Q16-x86 85 Magick.NET-Q8-x86 84 Magick.NET-Q16-HDRI-OpenMP-arm64 83 Magick.NET-Q16-HDRI-x64 83 Magick.NET-Q16-OpenMP-arm64 83 Magick.NET-Q16-OpenMP-x64 83 Magick.NET-Q16-arm64 83 Magick.NET-Q16-HDRI-arm64 82 Magick.NET-Q8-OpenMP-arm64 82 Magick.NET-Q8-arm64 82 Magick.NET-Q16-x64 79 Magick.NET-Q8-OpenMP-x64 79 Magick.NET-Q8-x64 76 Magick.NET-Q16-HDRI-OpenMP-x64 69 Magick.NET-Q16-OpenMP-x86 57 DotNetNuke.Core 35 Microsoft.AspNetCore.App.Runtime.win-x64 25 Microsoft.AspNetCore.App.Runtime.win-x86 25 Microsoft.AspNetCore.App.Runtime.win-arm 24 Microsoft.AspNetCore.App.Runtime.linux-arm 22 Microsoft.AspNetCore.App.Runtime.linux-arm64 22 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 22 Microsoft.AspNetCore.App.Runtime.linux-x64 22 Microsoft.AspNetCore.App.Runtime.osx-x64 22 Microsoft.AspNetCore.App.Runtime.win-arm64 22
Quick Filters
Critical CVEs With Exploits In CISA KEV