Lucene search

Mono Security Vulnerabilities

cve

CVE-2012-3543

mono 2.10.x ASP.NET Web Form Hash collision DoS

7.5CVSS

7.3AI Score

0.006EPSS

2019-11-21 02:15 PM

cve

CVE-2015-2318

The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.

8.1CVSS

8.1AI Score

0.007EPSS

2018-01-08 07:29 PM

cve

CVE-2015-2319

The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204.

7.5CVSS

6.3AI Score

0.949EPSS

2018-01-08 07:29 PM

cve

CVE-2015-2320

The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback.

9.8CVSS

8.5AI Score

0.015EPSS

2018-01-08 07:29 PM

cve

CVE-2023-26314

The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.

8.8CVSS

8.9AI Score

0.002EPSS

2023-02-22 07:15 AM