Lucene search
+L

288 matches found

snyk
snyk
added 2023/09/12 8:15 p.m.4 views

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE via Microsoft.DiaSymReader.Native.amd64.dll when reading a corrupted PDB file. Note: This issue only affects Windows systems. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-arm64 to version 6.0.22, 7.0.1...

7.8CVSS7.4AI score0.01441EPSS
Exploits0References2
github
github
added 2023/09/12 8:15 p.m.54 views

Microsoft Security Advisory CVE-2023-36793: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36793: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update thei...

7.8CVSS7.3AI score0.01441EPSS
Exploits0References4Affected Software3
osv
osv
added 2023/09/12 8:15 p.m.53 views

GHSA-G4P8-G7MQ-WPX4 Microsoft Security Advisory CVE-2023-36793: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36793: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update thei...

7.8CVSS8.5AI score0.01441EPSS
Exploits0References4
snyk
snyk
added 2023/09/12 8:5 p.m.4 views

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE via the Microsoft.DiaSymReader.Native.amd64.dll file when reading a corrupted PDB file. Note: This issue only affects Windows systems. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x64 to version 6.0.22...

7.8CVSS7.4AI score0.01441EPSS
Exploits0References2
github
github
added 2023/09/12 8:5 p.m.54 views

Microsoft Security Advisory CVE-2023-36796: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36796: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update thei...

7.8CVSS7.3AI score0.01441EPSS
Exploits0References4Affected Software3
osv
osv
added 2023/09/12 8:5 p.m.48 views

GHSA-H7JM-G87P-5935 Microsoft Security Advisory CVE-2023-36796: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36796: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update thei...

7.8CVSS8.5AI score0.01441EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2023/09/12 12:0 a.m.9 views

PT-2023-5050 · Microsoft +1 · Visual Studio +2

Name of the Vulnerable Software and Affected Versions: Visual Studio affected versions not specified Description: The issue is related to insufficient input validation in Microsoft Visual Studio, which can be exploited to execute arbitrary code. This can allow an attacker to run malicious code on...

9.8CVSS7.2AI score0.99999EPSS
Exploits19References161
kitploit
kitploit
added 2023/07/05 12:30 p.m.52 views

BugChecker - SoftICE-like Kernel Debugger For Windows 11

Introduction BugChecker is a SoftICE-like kernel and user debugger for Windows 11 and Windows XP as well: it supports Windows versions from XP to 11, both x86 and x64. BugChecker doesn't require a second machine to be connected to the system being debugged, like in the case of WinDbg and KD. This...

7.2AI score
Exploits0References13
redhatcve
redhatcve
added 2023/06/14 5:48 a.m.56 views

CVE-2023-24897

A flaw was found in dotnet. This issue can allow remote code execution through an out-of-bounds write when loading PDB type records in msdia140.dll used by Visual Studio...

7.8CVSS8.1AI score0.01184EPSS
Exploits0References5
snyk
snyk
added 2023/06/14 12:0 a.m.7 views

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. There is a vulnerability in the MSDIA SDK where corrupted PDBs can cause heap overflow, leading to a crash or remote code execution. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-arm64 to version 6.0.1...

7.8CVSS8.1AI score0.01184EPSS
Exploits0References2
mskb
mskb
added 2023/06/13 7:0 a.m.89 views

June 13, 2023-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 (KB5027541)

June 13, 2023-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 8 Standard and Windows Server 2012 KB5027541 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1...

7.8CVSS8.5AI score0.02627EPSS
Exploits0
zdt
zdt
added 2023/03/15 12:0 a.m.394 views

Oracle DB Broken PDB Isolation / Metadata Exposure Vulnerability

Proof of concept details for Oracle database versions 12.1.0.2, 12.2.0.1, 18c, and 19c that had a PDB isolation vulnerability allowing viewing of metadata for a different database within the same container. Title: CVE-2021-2173 – PDB Isolation is broken through metadata exposure Product: Database...

4.1CVSS0.3AI score0.01372EPSS
Exploits4
packetstorm
packetstorm
added 2023/03/15 12:0 a.m.414 views

Oracle DB Broken PDB Isolation / Metadata Exposure

Title: CVE-2021-2173 – PDB Isolation is broken through metadata exposure Product: Database Manufacturer: Oracle Affected Versions: 12.1.0.2, 12.2.0.1, 18c, 19c Tested Versions: 19c Risk Level: Medium Solution Status: Fixed CVE Reference: CVE-2021-2173 Author of Advisory: Emad Al-Mousa Overview:...

4.1CVSS0.1AI score0.01372EPSS
Exploits4
snyk
snyk
added 2023/03/01 8:18 a.m.4 views

Malicious Package

Overview pdb-uatraits is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

9.8CVSS7.1AI score
Exploits0References3
snyk
snyk
added 2023/03/01 8:18 a.m.3 views

Malicious Package

Overview pdb-geobase is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

9.8CVSS7.1AI score
Exploits0References3
snyk
snyk
added 2023/02/15 8:16 a.m.2 views

Malicious Package

Overview pdb-extensions is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package wa...

9.8CVSS7.1AI score
Exploits0References3
susecve
susecve
added 2023/02/15 5:58 a.m.4 views

SUSE CVE-2010-2575

Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via ...

6.8CVSS8.2AI score0.04652EPSS
Exploits0References4
susecve
susecve
added 2023/02/15 5:24 a.m.4 views

SUSE CVE-2014-9807

The pdb coder in ImageMagick allows remote attackers to cause a denial of service double free via unspecified vectors...

5.5CVSS6.8AI score0.01374EPSS
Exploits0References12
susecve
susecve
added 2023/02/15 5:10 a.m.4 views

SUSE CVE-2015-8902

The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service infinite loop via a crafted PDB file...

6.5CVSS6.6AI score0.01954EPSS
Exploits1References8
susecve
susecve
added 2023/02/15 4:58 a.m.3 views

SUSE CVE-2016-7531

MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service out-of-bounds write via a crafted PDB file...

6.5CVSS6.6AI score0.02882EPSS
Exploits0References7
Rows per page
Query Builder