Lucene search
K

66 matches found

Snyk
Snyk
added 2025/09/08 2:41 p.m.3 views

Buffer Over-read

Overview Affected versions of this package are vulnerable to Buffer Over-read via the DiaSymReader.dll process. An attacker can execute arbitrary code by exploiting a buffer over-read condition when the application processes specially crafted input. This issue affects EOL ASP.NET 6.0.0 = 6.0.36 a...

8.8CVSS8.9AI score0.02262EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/08 2:41 p.m.5 views

Buffer Over-read

Overview Affected versions of this package are vulnerable to Buffer Over-read via the DiaSymReader.dll process. An attacker can execute arbitrary code by exploiting a buffer over-read condition when the application processes specially crafted input. This issue affects EOL ASP.NET 6.0.0 = 6.0.36 a...

8.8CVSS8.9AI score0.02262EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/08 2:41 p.m.4 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper handling of integer values in the msdia140.dll process. An attacker can execute arbitrary code by supplying specially crafted input that triggers an integer overflow and subsequent heap-bas...

7.5CVSS8.7AI score0.01764EPSS
Exploits0References2
Snyk
Snyk
added 2025/06/11 2:48 p.m.4 views

Untrusted Search Path

Overview Affected versions of this package are vulnerable to Untrusted Search Path. An attacker can achieve remote code execution by planting malicious files on the victim's system, with knowledge of where they should be placed, then tricking a user to run these files. Remediation Upgrade...

7.5CVSS8.1AI score0.0089EPSS
Exploits0References2
Snyk
Snyk
added 2025/06/11 2:48 p.m.5 views

Untrusted Search Path

Overview Affected versions of this package are vulnerable to Untrusted Search Path. An attacker can achieve remote code execution by planting malicious files on the victim's system, with knowledge of where they should be placed, then tricking a user to run these files. Remediation Upgrade...

7.5CVSS8.1AI score0.0089EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/27 5:25 a.m.5 views

Malicious code in athira-linux-arm64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 03764ecb085360e3cbc92fb68e4f259af41698f01a6b6a4684c7ed5a899b12a0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/27 5:25 a.m.3 views

Malicious code in skinnyvans-linux-arm64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78bb320c57a11fc61b5db53653bf51fb93b078e579dcfae939e15a6749c139aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/05/27 5:25 a.m.4 views

MAL-2025-4505 Malicious code in skinnyvans-linux-arm64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78bb320c57a11fc61b5db53653bf51fb93b078e579dcfae939e15a6749c139aa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2025/05/27 5:25 a.m.2 views

MAL-2025-4469 Malicious code in athira-linux-arm64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 03764ecb085360e3cbc92fb68e4f259af41698f01a6b6a4684c7ed5a899b12a0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Snyk
Snyk
added 2025/04/08 4:0 p.m.6 views

Allocation of Resources Without Limits or Throttling

Overview Microsoft.AspNetCore.App.Runtime.linux-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttlin...

8.7CVSS7.9AI score0.01383EPSS
Exploits0References2
Snyk
Snyk
added 2025/03/11 7:24 p.m.3 views

Improper Authentication

Overview Microsoft.AspNetCore.App.Runtime.linux-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Improper Authentication in the RefreshSignInAsync...

8.3CVSS7.1AI score0.00911EPSS
Exploits1References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/03 1:43 p.m.6 views

Malicious code in workerd-linux-arm64 (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2025/03/03 1:43 p.m.3 views

MAL-2025-1958 Malicious code in workerd-linux-arm64 (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
Snyk
Snyk
added 2025/01/14 7:46 p.m.6 views

Buffer Over-read

Overview Affected versions of this package are vulnerable to Buffer Over-read through the loading of a specially crafted file. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-arm64 to version 8.0.12, 9.0.1 or higher. References - GitHub Issue - GitHub Issue - Security Advisory...

8.8CVSS7AI score0.02262EPSS
Exploits0References2
Snyk
Snyk
added 2025/01/14 7:44 p.m.4 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow through the loading of a specially crafted file. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-arm64 to version 8.0.12, 9.0.1 or higher. References - GitHub Issue...

7.5CVSS7AI score0.01764EPSS
Exploits0References2
Snyk
Snyk
added 2025/01/14 7:43 p.m.3 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow. An attacker can execute arbitrary code by sending malicious requests designed to exploit the vulnerability. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-arm64 to version 9.0.1 or higher. References...

9.2CVSS7.9AI score0.01637EPSS
Exploits0References2
Snyk
Snyk
added 2024/10/08 5:43 p.m.5 views

Use After Free

Overview Microsoft.AspNetCore.App.Runtime.linux-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Use After Free that could allow remote code executi...

9.2CVSS8AI score0.02049EPSS
Exploits0References3
Snyk
Snyk
added 2024/08/13 7:26 p.m.3 views

Cleartext Transmission of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Transmission of Sensitive Information via the TlsStream process. An attacker can gain access to sensitive information by intercepting unencrypted data. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-arm64 to version...

7.1CVSS6.8AI score0.0131EPSS
Exploits0References2
Snyk
Snyk
added 2024/07/09 9:14 p.m.7 views

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation through the parsing of X.509 certificates. An attacker can cause excessive CPU consumption and disrupt service by submitting a specially crafted malicious certificate. Remediation Upgrade...

7.5CVSS6.9AI score0.02719EPSS
Exploits0References2
Snyk
Snyk
added 2024/07/09 9:14 p.m.13 views

Use After Free

Overview Microsoft.AspNetCore.App.Runtime.linux-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Use After Free through the handling of HTTP/3...

9.2CVSS7.9AI score0.02587EPSS
Exploits0References2
Rows per page
Query Builder