Lucene search
K
MicrosoftNuget

6 matches found

CVE
CVE
added 2022/06/15 9:52 p.m.248 views

CVE-2022-30184

CVE-2022-30184 is a .NET/Visual Studio information-disclosure vulnerability. Connected sources confirm it targets Microsoft software via improper input validation, enabling a local attacker to obtain sensitive information when processing crafted content. The CVSSv3.1 base score is 5.5 (AV:L/AC:L/...

5.5CVSS5.3AI score0.05327EPSS
CVE
CVE
added 2022/11/09 12:0 a.m.224 views

CVE-2022-41064

CVE-2022-41064 is a .NET Framework information disclosure vulnerability with CVSS v3.1 base score 5.8 (AV:A, AC:H, PR:L, UI:N, S:C, C:H). It could allow a remote authenticated attacker to obtain sensitive information by sending a specially crafted request. In IBM contexts, the vulnerability affec...

5.8CVSS5.7AI score0.00747EPSS
CVE
CVE
added 2023/06/14 2:52 p.m.222 views

CVE-2023-29337

CVE-2023-29337 is a Linux-specific vulnerability in NuGet Client (and related .NET tooling) describing a race condition that can enable a symlink attack and remote code execution when a victim opens specially crafted content. IBM/IBM RPA advisory confirms remote code execution possibilities via ....

7.1CVSS7.5AI score0.01148EPSS
CVE
CVE
added 2019/04/09 1:51 a.m.166 views

CVE-2019-0757

CVE-2019-0757 is a Tampering Vulnerability in the NuGet Package Manager for Linux and macOS. The issue allows an authenticated attacker to modify a NuGet package’s folder structure (NuGet Package Manager Tampering Vulnerability). Public sources in connected documents indicate this affects .NET Co...

6.5CVSS6.1AI score0.02696EPSS
CVE
CVE
added 2019/08/14 8:55 p.m.104 views

CVE-2019-1258

CVE-2019-1258 concerns the Azure Active Directory Authentication Library (ADAL) On-Behalf-Of flow, where token caching can let an authenticated attacker operate in another user’s context. The vulnerability is described across multiple sources (Microsoft MSRC advisory and related advisories) as an...

8.8CVSS8AI score0.03799EPSS
CVE
CVE
added 2019/05/16 6:24 p.m.78 views

CVE-2019-0976

CVE-2019-0976 describes a tampering vulnerability in the NuGet Package Manager for Linux and Mac. An authenticated attacker could modify contents of the intermediate build folder (by default obj), potentially affecting binaries produced by a build. The root cause cited in the Microsoft advisory i...

5.5CVSS5.4AI score0.01151EPSS