Lucene search
+L

134 matches found

OSV
OSV
added 2025/12/09 3:18 a.m.9 views

CVE-2025-66631 CSLA .NET is vulnerable to Remote Code Execution via WcfProxy

CSLA .NET is a framework designed for the development of reusable, object-oriented business layers for applications. Versions 5.5.4 and below allow the use of WcfProxy. WcfProxy uses the now-obsolete NetDataContractSerializer NDCS and is vulnerable to remote code execution during deserialization...

9.2CVSS8AI score0.00575EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/12/08 10:15 p.m.10 views

Csla affected by Remote Code Execution via WcfProxy (NetDataContractSerializer)

Impact Versions of CSLA .NET prior to version 6 allow the use of WcfProxy. WcfProxy uses the NetDataContractSerializer NDCS which has known vulnerabilities that can allow remote execution of code during deserialization. NDCS itself is considered obsolete, and you should avoid using WcfProxy or...

9.8CVSS7.4AI score0.00575EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-5050

Malware in sbrugna...

10CVSS9.5AI score0.02413EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-0429

Malware in sbrugna...

9.8CVSS9.4AI score0.01657EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-14042

Malware in sbrugna...

7.8CVSS7.7AI score0.01092EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-6189

Malware in sbrugna...

4.9CVSS5.3AI score0.00979EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-20399

Malware in sbrugna...

7.8CVSS7.7AI score0.00394EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-32628

Malicious code in bioql PyPI...

9CVSS7.1AI score0.01008EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-37930

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00599EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:3 a.m.10 views

CVE-2023-33778

Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their o...

9.8CVSS7.3AI score0.00599EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:27 p.m.9 views

CVE-2021-27240

This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Patch Manager 2020.2.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within th...

7.8CVSS7.2AI score0.0042EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:11 p.m.8 views

CVE-2020-12013

A specially crafted WCF client that interfaces to the may allow the execution of certain arbitrary SQL commands remotely. This affects: Mitsubishi Electric MC Works64 Version 4.02C 10.95.208.31 and earlier, all versions; Mitsubishi Electric MC Works32 Version 3.00A 9.50.255.02; ICONICS GenBroker6...

9.1CVSS7.8AI score0.03029EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/11 12:0 a.m.10 views

PT-2024-12304 · Amc2-2Wcf +1 · Amc2-2Wcf +1

Name of the Vulnerable Software and Affected Versions: AMC2-4WCF and AMC2-2WCF affected versions not specified Description: The issue is related to a firmware bug that may cause misinterpretation of data, allowing an adversary to grant access to the last authorized user. Recommendations: At the...

4.6CVSS6.9AI score0.00233EPSS
Exploits0References2
CVE
CVE
added 2024/03/15 7:4 p.m.87 views

CVE-2024-28252

The CVE describes a resource exhaustion issue in CoreWCF NetFraming based services (NetTcpBinding, NetNamedPipeBinding, UnixDomainSocketBinding). When a client connects and sends no data, the service may wait indefinitely for a NetFraming handshake; if a session remains idle beyond the ReceiveTim...

7.5CVSS7.4AI score0.00579EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/06/01 4:15 a.m.30 views

CVE-2023-33778

Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their o...

9.8CVSS9.6AI score0.00599EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/06/01 12:0 a.m.8 views

CVE-2023-33778

Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their o...

9.6AI score0.00599EPSS
Exploits1References1
Microsoft KB
Microsoft KB
added 2022/01/11 8:0 a.m.71 views

January 11, 2022-KB5008882 Cumulative Update for .NET Framework 3.5 and 4.8 for Microsoft server operating system version 21H2

None None...

7.5CVSS7AI score0.03052EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2022/01/11 8:0 a.m.36 views

January 11, 2022-KB5008880 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 11

None None...

7.5CVSS7AI score0.03052EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2022/01/11 8:0 a.m.75 views

January 11, 2022-KB5008879 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1909

None None...

7.5CVSS7AI score0.03052EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2022/01/11 8:0 a.m.113 views

January 11, 2022-KB5008877 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server, version 2016

None None...

7.5CVSS7AI score0.03052EPSS
Exploits0
Rows per page
Query Builder