Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mono project mono vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-26314
The mono package prior to 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.
Mono-project Mono 6.8.0.105\\+dfsg-3
Mono-project Mono 5.18.0.240\\+dfsg-3
Debian Debian Linux 10.0
5
CVSSv2
CVE-2012-3543
mono 2.10.x ASP.NET Web Form Hash collision DoS
Mono-project Mono
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
4
CVSSv2
CVE-2019-0757
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated malicious user to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.
Microsoft Visual Studio 2017 -
Microsoft Nuget 4.9.4
Microsoft Nuget 4.3.1
Microsoft Nuget 4.4.2
Microsoft Nuget 4.7.2
Microsoft Nuget 4.8.2
Microsoft Nuget 4.5.2
Microsoft Nuget 4.6.3
Mono-project Mono Framework 5.18.0.223
Mono-project Mono Framework 5.20.0
Microsoft .net Core Sdk 1.1
Microsoft .net Core Sdk 2.1.500
Microsoft .net Core Sdk 2.2.100
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Tus 8.4
2 Articles
7.5
CVSSv2
CVE-2015-2320
The TLS stack in Mono prior to 3.12.1 allows remote malicious users to have unspecified impact via vectors related to client-side SSLv2 fallback.
Mono-project Mono
Debian Debian Linux 7.0
6.8
CVSSv2
CVE-2015-2318
The TLS stack in Mono prior to 3.12.1 allows man-in-the-middle malicious users to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.
Mono-project Mono
Debian Debian Linux 6.0
5
CVSSv2
CVE-2015-2319
The TLS stack in Mono prior to 3.12.1 makes it easier for remote malicious users to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204.
Mono-project Mono
6.8
CVSSv2
CVE-2010-1526
Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow malicious users to execute arbitrary code via (1) a crafted TIFF file, related to the gdip_load_tiff_image function in tiffcodec.c; (2) a crafted JPEG file, related to the gdip_load_jpeg_image_internal functio...
Mono-project Libgdiplus 2.6.7
4.3
CVSSv2
CVE-2010-1459
The default configuration of ASP.NET in Mono prior to 2.6.4 has a value of FALSE for the EnableViewStateMac property, which allows remote malicious users to conduct cross-site scripting (XSS) attacks, as demonstrated by the __VIEWSTATE parameter to 2.0/menu/menu1.aspx in the XSP ...
Mono Mono 1.1.17
Mono Mono 1.1.13.7
Mono Mono 2.4.2.2
Mono Mono 2.4.2.1
Mono Mono 1.2.6
Mono Mono 1.2.5.2
Mono Mono 1.2.1
Mono Mono 1.2
Mono Mono 1.1.13.2
Mono Mono 1.1.12.1
Mono Mono 1.1.9
Mono Mono 1.1.8.1
Mono Mono 1.1.1
Mono Mono 1.0.6
Mono Mono 1.2.5.1
Mono Mono 1.1.8.3
Mono Mono 1.1.13.6
Mono Mono 1.1.13.4
Mono Mono 2.4.2
Mono Mono 2.4
Mono Mono 1.2.5
Mono Mono 1.2.4
5
CVSSv2
CVE-2009-0217
The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Pro...
Oracle Application Server 10.1.3.4
Oracle Application Server 10.1.2.3
Oracle Bea Product Suite 10.0
Mono Project Mono 2.0
Oracle Weblogic Server Component 10.3
Oracle Weblogic Server Component 10.0
Ibm Websphere Application Server 6.0.2.10
Ibm Websphere Application Server 6.0.2.12
Ibm Websphere Application Server 6.0.1.1
Ibm Websphere Application Server 6.0.1.13
Ibm Websphere Application Server 6.0.2.2
Ibm Websphere Application Server 6.0.2.19
Ibm Websphere Application Server 6.0.2.21
Ibm Websphere Application Server 6.0.0.2
Ibm Websphere Application Server 6.0.2.29
Ibm Websphere Application Server 6.0.2.28
Ibm Websphere Application Server 6.0.2.25
Ibm Websphere Application Server 6.1.0.20
Ibm Websphere Application Server 6.1.0.22
Ibm Websphere Application Server 6.1.0.13
Ibm Websphere Application Server 6.1.0.14
Ibm Websphere Application Server 6.1.0.3
4.3
CVSSv2
CVE-2008-3906
CRLF injection vulnerability in Sys.Web in Mono 2.0 and previous versions allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string.
Mono Mono 1.0.5
Mono Mono 1.1.13
Mono Mono 1.2.5.1
Mono Project Mono 1.2.1
Mono Project Mono
Mono Mono 1.1.17.1
Mono Mono 1.0
Mono Mono 1.1.4
Mono Mono 1.1.8.3
Mono Project Mono 1.2.6
Mono Project Mono 1.9
Mono Mono 1.1.17
Mono Mono 1.1.18
Mono Project Mono 1.2.4
Mono Project Mono 1.2.5
Mono Mono 1.1.13.4
Mono Mono 1.1.13.6
Mono Mono 1.1.13.7
Mono Project Mono 1.2.2
Mono Project Mono 1.2.3
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »