Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mono vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6104
The System.Web class in the XSP for ASP.NET server 1.1 up to and including 2.0 in Mono does not properly verify local pathnames, which allows remote malicious users to (1) read source code by appending a space (%20) to a URI, and (2) read credentials via a request for Web.Config%...
Mono Xsp 1.2.1
Mono Xsp 2.0
Mono Xsp 1.1
1 EDB exploit
7.5
CVSSv3
CVE-2015-2319
The TLS stack in Mono prior to 3.12.1 makes it easier for remote malicious users to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204.
Mono-project Mono
8.8
CVSSv3
CVE-2023-26314
The mono package prior to 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.
Mono-project Mono 6.8.0.105\\+dfsg-3
Mono-project Mono 5.18.0.240\\+dfsg-3
Debian Debian Linux 10.0
8.1
CVSSv3
CVE-2015-2318
The TLS stack in Mono prior to 3.12.1 allows man-in-the-middle malicious users to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.
Mono-project Mono
Debian Debian Linux 6.0
9.8
CVSSv3
CVE-2015-2320
The TLS stack in Mono prior to 3.12.1 allows remote malicious users to have unspecified impact via vectors related to client-side SSLv2 fallback.
Mono-project Mono
Debian Debian Linux 7.0
NA
CVE-2005-0509
Multiple cross-site scripting (XSS) vulnerabilities in the Mono 1.0.5 implementation of ASP.NET (.Net) allow remote malicious users to inject arbitrary HTML or web script via Unicode representations for ASCII fullwidth characters that are converted to normal ASCII characters, inc...
Mono Mono 1.0.5
Microsoft .net Framework 1.1
Microsoft .net Framework 1.0
7.2
CVSSv3
CVE-2020-12470
MonoX up to and including 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX template.
Mono Monox
9.8
CVSSv3
CVE-2020-12471
MonoX up to and including 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or Pages/SocialNetworking/lng/en-US/PhotoGallery.aspx because of deserialization in ModuleGallery.HTML5Upload, ModuleGallery.SilverLightUploadModule, HTML5Upload, and SilverLightUploadHandler.
Mono Monox
7.2
CVSSv3
CVE-2020-12473
MonoX up to and including 5.1.40.5152 allows admins to execute arbitrary programs by reconfiguring the Converter Executable setting from ffmpeg.exe to a different program.
Mono Monox
5.3
CVSSv3
CVE-2023-35373
Mono Authenticode Validation Spoofing Vulnerability
Microsoft Mono
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »