Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mono mono vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-35373
Mono Authenticode Validation Spoofing Vulnerability
Microsoft Mono
8.8
CVSSv3
CVE-2023-26314
The mono package prior to 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.
Mono-project Mono 6.8.0.105\\+dfsg-3
Mono-project Mono 5.18.0.240\\+dfsg-3
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2023-22855
Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method (Path.Combine from .NET) without proper sanitisation. This yields the possibility of includ...
Kardex Kardex Control Center 5.7.12\\+0-a203c2a213-master
2 Github repositories
8.1
CVSSv3
CVE-2021-24112
.NET Core Remote Code Execution Vulnerability
Microsoft Visual Studio 2019 -
Microsoft Mono
Microsoft .net
Microsoft .net Core
1 Github repository
7.2
CVSSv3
CVE-2020-12470
MonoX up to and including 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX template.
Mono Monox
9.8
CVSSv3
CVE-2020-12471
MonoX up to and including 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or Pages/SocialNetworking/lng/en-US/PhotoGallery.aspx because of deserialization in ModuleGallery.HTML5Upload, ModuleGallery.SilverLightUploadModule, HTML5Upload, and SilverLightUploadHandler.
Mono Monox
5.4
CVSSv3
CVE-2020-12472
MonoX up to and including 5.1.40.5152 allows stored XSS via User Status, Blog Comments, or Blog Description.
Mono Monox
7.2
CVSSv3
CVE-2020-12473
MonoX up to and including 5.1.40.5152 allows admins to execute arbitrary programs by reconfiguring the Converter Executable setting from ffmpeg.exe to a different program.
Mono Monox
7.5
CVSSv3
CVE-2012-3543
mono 2.10.x ASP.NET Web Form Hash collision DoS
Mono-project Mono
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
6.5
CVSSv3
CVE-2019-0757
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated malicious user to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.
Microsoft Visual Studio 2017 -
Microsoft Nuget 4.9.4
Microsoft Nuget 4.3.1
Microsoft Nuget 4.4.2
Microsoft Nuget 4.7.2
Microsoft Nuget 4.8.2
Microsoft Nuget 4.5.2
Microsoft Nuget 4.6.3
Mono-project Mono Framework 5.18.0.223
Mono-project Mono Framework 5.20.0
Microsoft .net Core Sdk 1.1
Microsoft .net Core Sdk 2.1.500
Microsoft .net Core Sdk 2.2.100
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Tus 8.4
2 Articles
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »