Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
.net framework vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-21505
A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled (CVE-2022-21505) A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain m...
1 Github repository
5.5
CVSSv3
CVE-2022-26373
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
Intel Xeon Platinum 8253 Firmware -
Intel Xeon Platinum 8256 Firmware -
Intel Xeon Platinum 8260 Firmware -
Intel Xeon Platinum 8260l Firmware -
Intel Xeon Platinum 8260m Firmware -
Intel Xeon Platinum 8260y Firmware -
Intel Xeon Platinum 8268 Firmware -
Intel Xeon Platinum 8270 Firmware -
Intel Xeon Platinum 8276 Firmware -
Intel Xeon Platinum 8276l Firmware -
Intel Xeon Platinum 8276m Firmware -
Intel Xeon Platinum 8280 Firmware -
Intel Xeon Platinum 8280l Firmware -
Intel Xeon Platinum 8280m Firmware -
Intel Xeon Platinum 9220 Firmware -
Intel Xeon Platinum 9221 Firmware -
Intel Xeon Platinum 9222 Firmware -
Intel Xeon Platinum 9242 Firmware -
Intel Xeon Platinum 9282 Firmware -
Intel Xeon Gold 5215 Firmware -
Intel Xeon Gold 5215l Firmware -
Intel Xeon Gold 5215m Firmware -
6.7
CVSSv3
CVE-2022-20369
In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An...
Google Android -
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2022-30631
Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an malicious user to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files.
Golang Go
7.8
CVSSv3
CVE-2022-36123
The Linux kernel prior to 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.
Linux Linux Kernel
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
7.5
CVSSv3
CVE-2022-36946
nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel up to and including 5.18.14 allows remote malicious users to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negat...
Linux Linux Kernel
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Solidfire & Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp Hci Compute Node -
Netapp Solidfire & Hci Storage Node -
Netapp Solidfire Enterprise Sds -
2 Github repositories
5.5
CVSSv3
CVE-2022-36879
An issue exists in the Linux kernel up to and including 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
Linux Linux Kernel
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp A700s Firmware -
Netapp Active Iq Unified Manager -
Netapp Hci Bootstrap Os -
Netapp E-series Santricity Os Controller
Netapp Aff 8300 Firmware -
Netapp Fas 8300 Firmware -
Netapp Aff 8700 Firmware -
Netapp Fas 8700 Firmware -
Netapp Aff A400 Firmware -
Netapp Fas A400 Firmware -
Netapp Aff A250 Firmware -
Netapp Fas A250 Firmware -
Netapp Fas 500f Firmware -
Netapp Aff 500f Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp H410c Firmware -
7.8
CVSSv3
CVE-2022-27579
A deserialization vulnerability in a .NET framework class used and not properly checked by Flexi Soft Designer in all versions up to and including 1.9.4 SP1 allows an malicious user to craft malicious project files. Opening/importing such a malicious project file would execute ar...
Sick Flexi Soft Designer
Sick Flexi Soft Designer 1.9.4
7.8
CVSSv3
CVE-2022-27580
A deserialization vulnerability in a .NET framework class used and not properly checked by Safety Designer all versions up to and including 1.11.0 allows an malicious user to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary co...
Sick Safety Designer
6.7
CVSSv3
CVE-2021-33655
When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
Linux Linux Kernel 5.19
Linux Linux Kernel
Debian Debian Linux 10.0
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »