667 matches found
Important: mono
Issue Overview: SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version...
The vulnerability of the AuthenticodeDeformatter class in the Mono application development platform allows attackers to perform spoofing attacks.
The vulnerability of the AuthenticodeDeformatter class in the Mono application development platform is related to errors in the user interface’s information representation during the loading of the Mono.Security.dll library. Exploiting this vulnerability allows a malicious actor to perform spoofi...
CVE-2023-35373
Mono Authenticode Validation Spoofing Vulnerability...
CVE-2023-35373
Mono Authenticode Validation Spoofing Vulnerability...
CVE-2023-35373
Mono Authenticode Validation Spoofing Vulnerability...
CVE-2023-35373
CVE-2023-35373 corresponds to a Mono Authenticode Validation Spoofing vulnerability. Connected sources confirm a spoofing impact (pretending to be another user) affecting Mono Authenticode Validation, with a base CVSSv3.1 score around 5.3 (Medium) and an attack vector of network, high attack comp...
CVE-2023-35373 Mono Authenticode Validation Spoofing Vulnerability
...
CVE-2023-35373 Mono Authenticode Validation Spoofing Vulnerability
...
PT-2023-3542 · Mono +1 · Mono +1
Name of the Vulnerable Software and Affected Versions: Mono affected versions not specified Description: The issue is related to errors in presenting information to the user interface when loading the Mono.Security.dll library. It may allow a remote attacker to conduct spoofing attacks...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed vulnerabilities in several Developer Tools. A malicious person with access to the development environment can exploit the vulnerabilities to exploit attacks that could lead to the following categories of damage: Bypassing security measure. Remote code execution User rights...
KLA50771 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability...
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Cross-Site Request Forgery Vulnerability
Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Cross-Site Request Forgery Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Versi...
Covenant v0.5 - Remote Code Execution Exploit
Exploit Title: Covenant v0.5 - Remote Code Execution RCE Exploit Author: xThaz Author website: https://xthaz.fr/ Vendor Homepage: https://cobbr.io/Covenant.html Software Link: https://github.com/cobbr/Covenant Version: v0.1.3 - v0.5 Tested on: Windows 11 compiled covenant Windows defender disable...
Covenant 0.5 Remote Code Execution
Exploit Title: Covenant v0.5 - Remote Code Execution RCE Exploit Author: xThaz Author website: https://xthaz.fr/ Date: 2022-09-11 Vendor Homepage: https://cobbr.io/Covenant.html Software Link: https://github.com/cobbr/Covenant Version: v0.1.3 - v0.5 Tested on: Windows 11 compiled covenant Windows...
Debian: Security Advisory (DLA-376-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-176-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Malicious Package
Overview @buffer-mono/png-export is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
Malicious Package
Overview @buffer-mono/non-secure is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
Debian: Security Advisory (DLA-3343-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-3343 : ca-certificates-mono - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3343 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3343-1 [email protected] https://www.debian.org/lts/security/...