nuget

901 tracked vulnerabilities.

CVE-2025-11842 MEDIUM
Shazwazza Smidge < 4.6.0 - Path Traversal via Bundle Handler Version Argument
Oct 16, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-54539 CRITICAL
Apache ActiveMQ NMS AMQP < 2.4.0 - Remote Code Execution via Untrusted AMQP Server Deserialization
Oct 16, 2025
CVSS 9.8
EPSS 0.02
CVE-2025-55315 CRITICAL
ASP.NET Core 2.3.0-2.3.5 - HTTP Request Smuggling via Inconsistent Request Interpretation
Oct 14, 2025
CVSS 9.9
EPSS 0.66
CVE-2025-55248 MEDIUM
.NET Framework - Inadequate Encryption Strength
Oct 14, 2025
CVSS 4.8
EPSS 0.01
CVE-2025-55247 HIGH
.NET 8.0.0-8.0.20 - Authenticated Privilege Escalation via Improper Link Resolution
Oct 14, 2025
CVSS 7.3
EPSS 0.01
CVE-2025-11573 HIGH
Amazon.IonDotnet < 1.3.2 - Denial of Service via Infinite Loop in Text Input Parser
Oct 09, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-61778 CRITICAL
Akka.Remote 1.2.0-1.5.51 - Authentication Bypass via Missing Mutual TLS Enforcement
Oct 06, 2025
EPSS 0.00
CVE-2025-55797 MEDIUM
FormCMS < 0.5.5 - Unauthenticated Improper Access Control via Schema History Endpoint
Sep 30, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-57692 MEDIUM
PiranhaCMS 12.0 - Stored Cross-Site Scripting in Text Content Block
Sep 26, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-59821 MEDIUM
Dnnsoftware Dotnetnuke < 10.1.0 - XSS
Sep 23, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-59546 LOW
Dnnsoftware Dotnetnuke < 10.1.0 - XSS
Sep 23, 2025
CVSS 2.4
EPSS 0.00
CVE-2025-59545 CRITICAL
Dnnsoftware Dotnetnuke < 10.1.0 - XSS
Sep 23, 2025
CVSS 9.0
EPSS 0.01
CVE-2025-59539 MEDIUM
Dnnsoftware Dotnetnuke < 10.1.0 - XSS
Sep 23, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-59535 MEDIUM
Dnnsoftware Dotnetnuke < 10.1.0 - Information Disclosure
Sep 22, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-9708 MEDIUM
Kubernetes C# client - Man-in-the-Middle
Sep 16, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-57807 LOW
ImageMagick < 6.9.13-29 - Heap-Based Buffer Overflow via SeekBlob and WriteBlob Functions
Sep 05, 2025
CVSS 3.8
EPSS 0.00
CVE-2025-56236 MEDIUM
FormCMS 0.5.5 - Authenticated Stored Cross-Site Scripting via Avatar Upload Feature
Aug 28, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-57803 HIGH
ImageMagick < 6.9.13-28 - Integer Overflow in BMP Encoder
Aug 26, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-55298 HIGH
ImageMagick <6.9.13-28 & <7.1.2 - RCE
Aug 26, 2025
CVSS 7.5
EPSS 0.04
CVE-2025-55212 LOW
ImageMagick <6.9.13-28, <7.1.2-2 - DoS
Aug 26, 2025
CVSS 3.7
EPSS 0.01
CVE-2025-55160 MEDIUM
ImageMagick <6.9.13.27, <7.1.2.1 - DoS
Aug 13, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-55154 HIGH
ImageMagick <6.9.13-27 & <7.1.2-1 - Memory Corruption
Aug 13, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-55004 HIGH
ImageMagick <7.1.2-1 - Memory Corruption
Aug 13, 2025
CVSS 7.6
EPSS 0.01
CVE-2025-54575 MEDIUM
SixLabors.ImageSharp < 2.1.11 and 3.0.0-3.1.10 - Denial of Service via Malformed GIF Comment Extension Block
Jul 30, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-54425 MEDIUM
Umbraco CMS 13.0.0-13.9.2, 15.0.0-15.4.1, 16.0.0-16.1.0 - Unauthorized Information Exposure via Content Delivery API
Jul 30, 2025
CVSS 5.3
EPSS 0.00