CVE-2021-26701

Technical details about CVE-2021-26701 are not publicly provided in the connected documents. No affected products, versions, or remediation are specified here. Monitor for official advisories and updates.

CVE-2020-1108

CVE-2020-1108 affects Microsoft .NET Core and .NET Framework; a denial-of-service can be caused by improper handling of incoming web requests. The IBM security bulletin (referencing IBM X-Force) lists a base score of 7.5 (HIGH) and notes the vulnerability affects IBM Robotic Process Automation pr...

CVE-2021-26423

CVE-2021-26423 is a .NET Core/ASP.NET DoS vulnerability described as a denial of service in WebSocket frame processing. The primary documentation identifies affected software as .NET Core and Visual Studio (Denial of Service Vulnerability) with network-based exposure and low attack complexity. Co...

CVE-2021-34485

CVE-2021-34485 is a .NET Core information disclosure vulnerability. The root cause is that crash-dump files created by the tool (for crash dumps and on-demand dumps) could be written with world-readable permissions on Linux/macOS, enabling local attackers to read sensitive dump data. Affected sof...

CVE-2018-8256

CVE-2018-8256 is a remote code execution vulnerability in PowerShell triggered by processing specially crafted files. Affected are Windows PowerShell/PowerShell Core and several Windows OS versions (e.g., Windows 7/8.1/10, Windows Server 2008R2/2012/2016/2019, etc.). The root cause is improper ha...

CVE-2018-0764

The CVE-2018-0764 issue is a DoS vulnerability in .NET and .NET Core caused by improper processing of XML documents. Affected products include Microsoft .NET Framework versions 1.1, 2.0, 3.0, 3.5–3.5.1, 4, 4.5–4.7.1, 5.7 and .NET Core 1.0–2.0. The impact is denial of service to affected .NET appl...

CVE-2021-1721

CVE-2021-1721 is a denial-of-service vulnerability in dotnet-core/.NET Core prior to 3.1.12 affecting HTTPS web requests during X509 certificate chain building. Multiple sources (Arch Linux advisories ASA-202103-17 and ASA-202103-16) describe the impact as a denial of service, with upgrade paths ...

CVE-2019-0657

Summary: CVE-2019-0657 is referenced across multiple sources as the".NET Core NuGet Tampering Vulnerability". Connected items (ALT Linux package advisories) cite CVE-2019-0657 in security fixes for various dotnet-bootstrap packages (versions 2.1.9-alt1 across 3.1, 5.0, 6.0, 7.0 series). The advis...

CVE-2018-8292

CVE-2018-8292 is an information-disclosure vulnerability in Microsoft .NET Core caused by an open redirect that can cause a remote attacker to obtain sensitive information. Public sources in the connected documents describe exploitation via crafting content to trigger the redirect, potentially en...

CVE-2018-8415

CVE-2018-8415 is a PowerShell tampering vulnerability that could let an attacker execute unlogged code locally on affected Windows platforms (Windows 7/10, Windows Server 2012/2016/2019, and PowerShell Core 6.x). Root cause: tampering in PowerShell allowing unlogged code execution. CVSSv3 base sc...

CVE-2019-1301

CVE-2019-1301 : A denial-of-service vulnerability in .NET Core arises from improper handling/validation of web requests. Multiple connected sources confirm the issue affects .NET Core components across platforms (Windows and various Linux distros) and is triggered by crafted web requests, leading...

CVE-2019-1167

CVE-2019-1167 describes a WDAC security feature bypass in Windows Defender Application Control. The vulnerability could allow an attacker with local access to bypass WDAC enforcement when PowerShell is running in Constrained Language Mode. Microsoft’s advisory notes affected PowerShell Core versi...

CVE-2018-0786

CVE-2018-0786 affects multiple Microsoft .NET Framework versions (2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1), .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0, with a security feature bypass due to improper certificate validation. The issue is a certificate validation byp...

CVE-2019-0631

Technical details of CVE-2019-0631 are not publicly available in the provided documents; no affected products, exploit specifics, or remediation are specified. Monitor official advisories for updates.

CVE-2019-0632

Technical details about CVE-2019-0632 are not publicly available in the provided documents. Monitor for updates.

CVE-2018-8356

CVE-2018-8356 is a security feature bypass affecting multiple .NET Framework products where certificate validation is inadequate. Local attackers could exploit this by presenting expired certificates to vulnerable components, bypassing intended security checks. Public references (KB articles and ...

CVE-2019-0627

Technical details for CVE-2019-0627 are not publicly provided in the supplied documents. Monitor for updates; no product/version/impact information is available from the connected sources.

CVE-2018-0875

CVE-2018-0875 corresponds to a denial-of-service vulnerability in .NET Core runtimes and PowerShell Core caused by how the runtime handles certain crafted requests. Connected advisories confirm a hash-collision-based DoS vector (Red Hat RHSA-2018:0522; GHSA-XCVR-QV8H-M7XW) affecting .NET Core 1.0...