Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mono mono vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2006-6104
The System.Web class in the XSP for ASP.NET server 1.1 up to and including 2.0 in Mono does not properly verify local pathnames, which allows remote malicious users to (1) read source code by appending a space (%20) to a URI, and (2) read credentials via a request for Web.Config%...
Mono Xsp 1.2.1
Mono Xsp 2.0
Mono Xsp 1.1
1 EDB exploit
445
VMScore
CVE-2015-2319
The TLS stack in Mono prior to 3.12.1 makes it easier for remote malicious users to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204.
Mono-project Mono
NA
CVE-2023-26314
The mono package prior to 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.
Mono-project Mono 6.8.0.105\\+dfsg-3
Mono-project Mono 5.18.0.240\\+dfsg-3
Debian Debian Linux 10.0
605
VMScore
CVE-2015-2318
The TLS stack in Mono prior to 3.12.1 allows man-in-the-middle malicious users to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.
Mono-project Mono
Debian Debian Linux 6.0
668
VMScore
CVE-2015-2320
The TLS stack in Mono prior to 3.12.1 allows remote malicious users to have unspecified impact via vectors related to client-side SSLv2 fallback.
Mono-project Mono
Debian Debian Linux 7.0
383
VMScore
CVE-2005-0509
Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 implementation of ASP.NET (.Net) allow remote malicious users to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, inc...
Mono Mono 1.0.5
Microsoft .net Framework 1.1
Microsoft .net Framework 1.0
578
VMScore
CVE-2020-12470
MonoX up to and including 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX template.
Mono Monox
801
VMScore
CVE-2020-12473
MonoX up to and including 5.1.40.5152 allows admins to execute arbitrary programs by reconfiguring the Converter Executable setting from ffmpeg.exe to a different program.
Mono Monox
668
VMScore
CVE-2020-12471
MonoX up to and including 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or Pages/SocialNetworking/lng/en-US/PhotoGallery.aspx because of deserialization in ModuleGallery.HTML5Upload, ModuleGallery.SilverLightUploadModule, HTML5Upload, and SilverLightUploadHandler.
Mono Monox
312
VMScore
CVE-2020-12472
MonoX up to and including 5.1.40.5152 allows stored XSS via User Status, Blog Comments, or Blog Description.
Mono Monox
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »