Lucene search
+L
MicrosoftPowershell

15 matches found

CVE
CVE
added 2025/01/14 6:3 p.m.392 views

CVE-2025-21171

CVE-2025-21171 is a remote code execution vulnerability in .NET 9.0 affecting multiple runtime packages (e.g., Microsoft.NetCore.App.Runtime.*) prior to 9.0.1. The issue allows an attacker to exploit by sending a crafted request to the vulnerable web server, potentially compromising affected host...

7.5CVSS7.8AI score0.01637EPSS
CVE
CVE
added 2022/05/10 8:33 p.m.359 views

CVE-2022-23267

CVE-2022-23267 is a .NET Denial of Service vulnerability. The connected sources describe a DoS arising from a crafted HttpClient request that can exhaust memory and impact .NET/ASP.NET/Visual Studio environments. The IBM RPA bulletin lists CVE-2022-23267 as part of multiple vulnerabilities with r...

7.5CVSS7.5AI score0.05041EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.342 views

CVE-2024-21409

CVE-2024-21409 is described in the provided documents as a .NET family remote code execution vulnerability affecting .NET/.NET Framework and related SDKs. Concrete details in connected sources indicate affected products/versions include .NET Core/.NET SDKs prior to 6.0.29, 7.0.18, or 8.0.4, with ...

7.3CVSS7.5AI score0.02513EPSS
CVE
CVE
added 2024/03/12 4:57 p.m.331 views

CVE-2024-21392

CVE-2024-21392 affects .NET 7.0 and .NET 8.0 runtimes where specially crafted requests may trigger a resource leak, causing a Denial of Service. Affected versions include .NET 7.0 up to 7.0.16 and .NET 8.0 up to 8.0.2; patched versions are 7.0.17 and 8.0.3, respectively. The issue also impacts mu...

7.5CVSS7.7AI score0.03065EPSS
CVE
CVE
added 2024/03/12 4:57 p.m.293 views

CVE-2024-26190

CVE-2024-26190 : Microsoft QUIC (MsQuic) server component is affected by a denial-of-service vulnerability caused by a memory leak that can be triggered by multiple decodes, leading to memory exhaustion. The entry’s CVSSv3.1 base score is 7.5 (HIGH) with network attack vector, no authentication, ...

7.5CVSS7.4AI score0.0299EPSS
CVE
CVE
added 2023/01/10 12:0 a.m.276 views

CVE-2023-21538

CVE-2023-21538 is a .NET Denial of Service vulnerability affecting .NET 6.0 (and related runtimes/sdks) engineered to cause a stack overflow via specially crafted input. Public details in the connected IBM and security advisories confirm a remote-denial-of-service impact when processing invalid r...

7.5CVSS7.5AI score0.0274EPSS
CVE
CVE
added 2020/05/21 10:53 p.m.254 views

CVE-2020-1108

CVE-2020-1108 affects Microsoft .NET Core and .NET Framework; a denial-of-service can be caused by improper handling of incoming web requests. The IBM security bulletin (referencing IBM X-Force) lists a base score of 7.5 (HIGH) and notes the vulnerability affects IBM Robotic Process Automation pr...

7.5CVSS7.3AI score0.11684EPSS
CVE
CVE
added 2025/06/13 1:8 a.m.252 views

CVE-2025-30399

CVE-2025-30399 is a Remote Code Execution vulnerability described as an untrusted search path in .NET and Visual Studio that allows an attacker to execute code over the network by placing files in specific locations. Connected advisories confirm affected runtimes and provide fixes: .NET 8.x runti...

7.5CVSS7.6AI score0.0089EPSS
CVE
CVE
added 2022/04/15 7:4 p.m.235 views

CVE-2022-26788

No concrete technical details about CVE-2022-26788 are provided in the connected documents. The initial entry only notes a PowerShell Elevation of Privilege vulnerability; monitor for updates in public advisories.

7.8CVSS8.6AI score0.00614EPSS
CVE
CVE
added 2022/12/13 12:0 a.m.129 views

CVE-2022-41121

CVE-2022-41121 is a Windows Graphics Component Elevation of Privilege vulnerability with a CVSS v3.1 base score of 7.8 (HIGH), requiring LOCAL access with LOW privileges and no user interaction. The available descriptions identify the affected component as Windows Graphics Component but provide n...

7.8CVSS7.9AI score0.0105EPSS
CVE
CVE
added 2020/09/11 5:8 p.m.119 views

CVE-2020-0951

The CVE-2020-0951 issue is a security feature bypass in Windows Defender Application Control (WDAC). The vulnerability could allow an attacker with local admin access to bypass WDAC enforcement and execute PowerShell commands that WDAC would normally block. Exploitation requires an administrator ...

7.2CVSS7.5AI score0.07037EPSS
CVE
CVE
added 2025/10/14 5:0 p.m.98 views

CVE-2025-25004

CVE-2025-25004 affects Microsoft PowerShell. The connected documents corroborate a local privilege escalation vulnerability due to improper access control, enabling an authorized attacker to obtain elevated privileges on the host. The advisory entries (including NCSC-2025-0313) assign CVSS v3.1/3...

7.3CVSS6.4AI score0.00444EPSS
CVE
CVE
added 2026/04/14 4:58 p.m.77 views

CVE-2026-26171

The entry CVE-2026-26171 describes a .NET Denial of Service vulnerability with a CVSSv3.1 base score of 7.5 (HIGH) and network exposure. Exploitation is possible without user interaction and with no privileges required, affecting availability. The provided reference points to a Microsoft update g...

7.5CVSS5.8AI score0.01753EPSS
CVE
CVE
added 2026/04/14 4:57 p.m.70 views

CVE-2026-26143

The CVE-2026-26143 entry concerns Improper input validation in Microsoft PowerShell that allows a local attacker to bypass a security feature. The advisory set shows affected software as Microsoft PowerShell with a high impact (MITRE-style: Circumvention of security measure) and a high base score...

7.8CVSS5.7AI score0.00536EPSS
CVE
CVE
added 2025/09/09 5:0 p.m.67 views

CVE-2025-49734

CVE-2025-49734 affects Windows PowerShell. The root cause is an improper restriction of the communication channel to intended endpoints, enabling an authorized local attacker to elevate privileges. The CVE maps to a local privilege escalation with high impact (C:H/I:H/A:H) and requires local acce...

7CVSS6.4AI score0.00302EPSS