Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mono mono vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-22855
Kardex Mlog MCC 5.7.12+0-a203c2a213-master allows remote code execution. It spawns a web interface listening on port 8088. A user-controllable path is handed to a path-concatenation method (Path.Combine from .NET) without proper sanitisation. This yields the possibility of includ...
Kardex Kardex Control Center 5.7.12\\+0-a203c2a213-master
2 Github repositories
9.8
CVSSv3
CVE-2020-12471
MonoX up to and including 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or Pages/SocialNetworking/lng/en-US/PhotoGallery.aspx because of deserialization in ModuleGallery.HTML5Upload, ModuleGallery.SilverLightUploadModule, HTML5Upload, and SilverLightUploadHandler.
Mono Monox
9.8
CVSSv3
CVE-2015-2320
The TLS stack in Mono prior to 3.12.1 allows remote malicious users to have unspecified impact via vectors related to client-side SSLv2 fallback.
Mono-project Mono
Debian Debian Linux 7.0
8.8
CVSSv3
CVE-2023-26314
The mono package prior to 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.
Mono-project Mono 6.8.0.105\\+dfsg-3
Mono-project Mono 5.18.0.240\\+dfsg-3
Debian Debian Linux 10.0
8.1
CVSSv3
CVE-2021-24112
.NET Core Remote Code Execution Vulnerability
Microsoft Visual Studio 2019 -
Microsoft Mono
Microsoft .net
Microsoft .net Core
1 Github repository
8.1
CVSSv3
CVE-2015-2318
The TLS stack in Mono prior to 3.12.1 allows man-in-the-middle malicious users to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.
Mono-project Mono
Debian Debian Linux 6.0
7.5
CVSSv3
CVE-2012-3543
mono 2.10.x ASP.NET Web Form Hash collision DoS
Mono-project Mono
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2015-2319
The TLS stack in Mono prior to 3.12.1 makes it easier for remote malicious users to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204.
Mono-project Mono
7.2
CVSSv3
CVE-2020-12470
MonoX up to and including 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX template.
Mono Monox
7.2
CVSSv3
CVE-2020-12473
MonoX up to and including 5.1.40.5152 allows admins to execute arbitrary programs by reconfiguring the Converter Executable setting from ffmpeg.exe to a different program.
Mono Monox
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »