Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nuget vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-29337
NuGet Client Remote Code Execution Vulnerability
Microsoft Nuget 6.5.0
Microsoft Nuget 6.4.1
Microsoft Nuget 6.3.2
Microsoft Nuget 6.2.3
Microsoft Nuget 6.0.4
Microsoft Nuget 6.6.0
NA
CVE-2023-32312
UmbracoIdentityExtensions is an Umbraco add-on package that enables easy extensibility points for ASP.Net Identity integration. In affected versions client secrets are not required which may expose some endpoints to untrusted actors. Since Umbraco is not a single-page application...
Umbraco Umbraco Identity Extensibility
NA
CVE-2023-34225
In JetBrains TeamCity prior to 2023.05 stored XSS in the NuGet feed page was possible
Jetbrains Teamcity
NA
CVE-2022-3478
An issue has been discovered in GitLab affecting all versions starting from 12.8 prior to 15.4.6, all versions starting from 15.5 prior to 15.5.5, all versions starting from 15.6 prior to 15.6.1. It was possible to trigger a DoS attack by uploading a malicious nuget package.
Gitlab Gitlab 15.6.0
Gitlab Gitlab
NA
CVE-2022-41064
.NET Framework Information Disclosure Vulnerability
Microsoft .net Framework 4.8
Microsoft .net Framework 4.8.1
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft Nuget
NA
CVE-2022-41032
NuGet Client Elevation of Privilege Vulnerability
Microsoft .net Core 3.1
Microsoft .net 6.0.0
Microsoft Visual Studio 2022
Microsoft Visual Studio 2019
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
4.3
CVSSv2
CVE-2022-30184
.NET and Visual Studio Information Disclosure Vulnerability
Microsoft Visual Studio 2022
Microsoft .net Core 3.1
Microsoft Visual Studio 2019 8.10
Microsoft .net 6.0.0
Microsoft Visual Studio 2019
Microsoft Visual Studio 2022
Microsoft Nuget
Fedoraproject Fedora 35
Fedoraproject Fedora 36
3.5
CVSSv2
CVE-2022-0243
Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets before 1.2.2.
Orchardcore Orchardcore
3.5
CVSSv2
CVE-2022-0274
Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets before 1.2.2.
Orchardcore Orchardcore
6.4
CVSSv2
CVE-2021-21658
Jenkins Nuget Plugin 1.0 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Nuget
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »