nuget

842 tracked vulnerabilities.

CVE-2025-26620 MEDIUM
Duende.AccessTokenManagement < 3.2.0 - Race Condition in Client Credentials Token Request
Feb 18, 2025
EPSS 0.00
CVE-2025-24788 MEDIUM
Snowflake Connector for .NET 2.0.12-4.2.0 - Unauthorized Local File Access via World-Readable Temporary Directory
Jan 29, 2025
CVSS 5.0
EPSS 0.00
CVE-2025-24012 MEDIUM
Umbraco CMS 14.0.0-14.3.1 - Authenticated Cross-Site Scripting in Localized Backoffice Components
Jan 21, 2025
CVSS 4.6
EPSS 0.01
CVE-2025-24011 MEDIUM
Umbraco CMS 14.0.0-14.3.1 - Unauthenticated User Enumeration via Management API Response Analysis
Jan 21, 2025
CVSS 5.3
EPSS 0.35
CVE-2025-23041 MEDIUM
Umbraco.Forms < 8.13.16, < 10.5.7 - Improper Input Validation in Character Limit Enforcement
Jan 14, 2025
CVSS 5.8
EPSS 0.00
CVE-2025-21176 HIGH
.NET and .NET Framework - Remote Code Execution
Jan 14, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-21172 HIGH
.NET and Visual Studio - Remote Code Execution via Integer Overflow
Jan 14, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-21171 HIGH
.NET - Remote Code Execution via Heap-based Buffer Overflow
Jan 14, 2025
CVSS 7.5
EPSS 0.01
CVE-2024-57716 HIGH
AutoQueryable 1.7.0 - Exposure of Sensitive Information via Unselectable Function
Feb 20, 2025
CVSS 7.5
EPSS 0.00
CVE-2024-42513 MEDIUM
OPC UA .NET Standard Stack <1.5.374.158 - Auth Bypass
Feb 10, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-42512 HIGH
OPC UA .NET Standard Stack <1.5.374.158 - Auth Bypass
Feb 10, 2025
CVSS 8.6
EPSS 0.00
CVE-2024-55488 MEDIUM
Umbraco CMS 14.3.1 - Authenticated Stored Cross-Site Scripting in Rich Text Display
Jan 22, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-51417 MEDIUM
System.Linq.Dynamic.Core < 1.6.0 - Unauthenticated Remote Property Access via Reflection
Jan 21, 2025
CVSS 6.4
EPSS 0.00
CVE-2024-50338 HIGH
Git Credential Manager < 2.6.1 - Credential Leak via CR Line Ending Mismatch
Jan 14, 2025
CVSS 7.4
EPSS 0.00
CVE-2024-55341 MEDIUM
Piranha CMS 11.1 - Stored Cross-Site Scripting via Markdown Content
Dec 20, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-55342 MEDIUM
Piranha CMS 11.1 - Authenticated Stored Cross-Site Scripting via PDF File Upload
Dec 20, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-55471 MEDIUM
Oqtane.Framework - Insecure Direct Object Reference in UserController via ID Parameter
Dec 20, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-55470 HIGH
Oqtane Framework 6.0.0 - Authentication Bypass via EntityID Parameter Spoofing
Dec 20, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-55186 MEDIUM
Oqtane.Framework 6.0.0 - Authenticated Insecure Direct Object Reference via Notification ID Manipulation
Dec 20, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-11862 MEDIUM
Dvls XTS.NET <2024.11.19 - Info Disclosure
Nov 27, 2024
EPSS 0.00
CVE-2024-48510 CRITICAL
Mihula Prodotnetzip < 1.19.0 - Path Traversal
Nov 13, 2024
CVSS 9.8
EPSS 0.02
CVE-2024-43499 HIGH
.NET and Visual Studio - Denial of Service via Highly Compressed Data
Nov 12, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-43498 CRITICAL
.NET and Visual Studio - Remote Code Execution via Type Confusion
Nov 12, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-51987 MEDIUM
Duende.AccessTokenManagement.OpenIdConnect - Info Disclosure
Nov 08, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-51501 CRITICAL
Refit < 7.2.22 - CRLF Injection via HTTP Header Manipulation
Nov 04, 2024
EPSS 0.00
Products
Microsoft.ChakraCore 247 Magick.NET-Q16-AnyCPU 86 Magick.NET-Q16-HDRI-AnyCPU 86 Magick.NET-Q8-AnyCPU 86 Magick.NET-Q16-HDRI-x86 85 Magick.NET-Q16-x86 85 Magick.NET-Q8-x86 84 Magick.NET-Q16-HDRI-OpenMP-arm64 83 Magick.NET-Q16-HDRI-x64 83 Magick.NET-Q16-OpenMP-arm64 83 Magick.NET-Q16-OpenMP-x64 83 Magick.NET-Q16-arm64 83 Magick.NET-Q16-HDRI-arm64 82 Magick.NET-Q8-OpenMP-arm64 82 Magick.NET-Q8-arm64 82 Magick.NET-Q16-x64 79 Magick.NET-Q8-OpenMP-x64 79 Magick.NET-Q8-x64 76 Magick.NET-Q16-HDRI-OpenMP-x64 69 Magick.NET-Q16-OpenMP-x86 57 DotNetNuke.Core 35 Microsoft.AspNetCore.App.Runtime.win-x64 25 Microsoft.AspNetCore.App.Runtime.win-x86 25 Microsoft.AspNetCore.App.Runtime.win-arm 24 Microsoft.AspNetCore.App.Runtime.linux-arm 22 Microsoft.AspNetCore.App.Runtime.linux-arm64 22 Microsoft.AspNetCore.App.Runtime.linux-musl-x64 22 Microsoft.AspNetCore.App.Runtime.linux-x64 22 Microsoft.AspNetCore.App.Runtime.osx-x64 22 Microsoft.AspNetCore.App.Runtime.win-arm64 22
Quick Filters
Critical CVEs With Exploits In CISA KEV