Lucene search
K

667 matches found

Amazon
Amazon
added 2023/09/25 12:0 a.m.7 views

Important: mono

Issue Overview: SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry ../evil.txt may be extracted in the parent directory of destFolder. This leads to arbitrary file write that may lead to code execution. The vulnerability was patched in version...

9.8CVSS7.7AI score0.01973EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2023/07/18 12:0 a.m.6 views

The vulnerability of the AuthenticodeDeformatter class in the Mono application development platform allows attackers to perform spoofing attacks.

The vulnerability of the AuthenticodeDeformatter class in the Mono application development platform is related to errors in the user interface’s information representation during the loading of the Mono.Security.dll library. Exploiting this vulnerability allows a malicious actor to perform spoofi...

5.3CVSS6.6AI score0.00805EPSS
Exploits0References6Affected Software2
OSV
OSV
added 2023/07/11 6:15 p.m.39 views

CVE-2023-35373

Mono Authenticode Validation Spoofing Vulnerability...

5.3CVSS7.1AI score0.00805EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/07/11 6:15 p.m.6 views

CVE-2023-35373

Mono Authenticode Validation Spoofing Vulnerability...

5.3CVSS6.7AI score0.00805EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/07/11 6:15 p.m.37 views

CVE-2023-35373

Mono Authenticode Validation Spoofing Vulnerability...

5.3CVSS5.2AI score0.00805EPSS
Exploits0References1
CVE
CVE
added 2023/07/11 5:3 p.m.81 views

CVE-2023-35373

CVE-2023-35373 corresponds to a Mono Authenticode Validation Spoofing vulnerability. Connected sources confirm a spoofing impact (pretending to be another user) affecting Mono Authenticode Validation, with a base CVSSv3.1 score around 5.3 (Medium) and an attack vector of network, high attack comp...

5.3CVSS5.6AI score0.00805EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/11 5:3 p.m.20 views

CVE-2023-35373 Mono Authenticode Validation Spoofing Vulnerability

...

5.3CVSS6.8AI score0.00805EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/07/11 5:3 p.m.29 views

CVE-2023-35373 Mono Authenticode Validation Spoofing Vulnerability

...

5.3CVSS6AI score0.00805EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/07/11 12:0 a.m.5 views

PT-2023-3542 · Mono +1 · Mono +1

Name of the Vulnerable Software and Affected Versions: Mono affected versions not specified Description: The issue is related to errors in presenting information to the user interface when loading the Mono.Security.dll library. It may allow a remote attacker to conduct spoofing attacks...

5.3CVSS9.3AI score0.00805EPSS
Exploits0References10
NCSC
NCSC
added 2023/07/11 12:0 a.m.8 views

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in several Developer Tools. A malicious person with access to the development environment can exploit the vulnerabilities to exploit attacks that could lead to the following categories of damage: Bypassing security measure. Remote code execution User rights...

8.8CVSS8AI score0.02095EPSS
Exploits0
Kaspersky
Kaspersky
added 2023/07/11 12:0 a.m.50 views

KLA50771 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability...

8.8CVSS8.7AI score0.02095EPSS
Exploits0References10
0day.today
0day.today
added 2023/03/31 12:0 a.m.150 views

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Cross-Site Request Forgery Vulnerability

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Cross-Site Request Forgery Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Versi...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/03/30 12:0 a.m.282 views

Covenant v0.5 - Remote Code Execution Exploit

Exploit Title: Covenant v0.5 - Remote Code Execution RCE Exploit Author: xThaz Author website: https://xthaz.fr/ Vendor Homepage: https://cobbr.io/Covenant.html Software Link: https://github.com/cobbr/Covenant Version: v0.1.3 - v0.5 Tested on: Windows 11 compiled covenant Windows defender disable...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2023/03/30 12:0 a.m.429 views

Covenant 0.5 Remote Code Execution

Exploit Title: Covenant v0.5 - Remote Code Execution RCE Exploit Author: xThaz Author website: https://xthaz.fr/ Date: 2022-09-11 Vendor Homepage: https://cobbr.io/Covenant.html Software Link: https://github.com/cobbr/Covenant Version: v0.1.3 - v0.5 Tested on: Windows 11 compiled covenant Windows...

6.8AI score
Exploits0
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.28 views

Debian: Security Advisory (DLA-376-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7.8AI score0.28167EPSS
Exploits43References2
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.24 views

Debian: Security Advisory (DLA-176-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.03539EPSS
Exploits0References2
Snyk
Snyk
added 2023/03/01 8:18 a.m.1 views

Malicious Package

Overview @buffer-mono/png-export is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

9.8CVSS7.1AI score
Exploits0References3
Snyk
Snyk
added 2023/03/01 8:18 a.m.2 views

Malicious Package

Overview @buffer-mono/non-secure is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

9.8CVSS7.1AI score
Exploits0References3
OpenVAS
OpenVAS
added 2023/02/26 12:0 a.m.25 views

Debian: Security Advisory (DLA-3343-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.9AI score0.00983EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/02/25 12:0 a.m.24 views

Debian dla-3343 : ca-certificates-mono - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3343 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3343-1 [email protected] https://www.debian.org/lts/security/...

8.8CVSS8.5AI score0.00983EPSS
Exploits0References4
Rows per page
Query Builder