Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nuget vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2023-29337
NuGet Client Remote Code Execution Vulnerability
Microsoft Nuget 6.5.0
Microsoft Nuget 6.4.1
Microsoft Nuget 6.3.2
Microsoft Nuget 6.2.3
Microsoft Nuget 6.0.4
Microsoft Nuget 6.6.0
9.1
CVSSv3
CVE-2021-21658
Jenkins Nuget Plugin 1.0 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Nuget
5.5
CVSSv3
CVE-2019-0976
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated malicious user to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manager Tampering Vulnerability'.
Microsoft Nuget 5.0.2
1 Article
6.5
CVSSv3
CVE-2019-0757
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated malicious user to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.
Microsoft Visual Studio 2017 -
Microsoft Nuget 4.9.4
Microsoft Nuget 4.3.1
Microsoft Nuget 4.4.2
Microsoft Nuget 4.7.2
Microsoft Nuget 4.8.2
Microsoft Nuget 4.5.2
Microsoft Nuget 4.6.3
Mono-project Mono Framework 5.18.0.223
Mono-project Mono Framework 5.20.0
Microsoft .net Core Sdk 1.1
Microsoft .net Core Sdk 2.1.500
Microsoft .net Core Sdk 2.2.100
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Tus 8.4
2 Articles
5.8
CVSSv3
CVE-2022-41064
.NET Framework Information Disclosure Vulnerability
Microsoft .net Framework 4.8
Microsoft .net Framework 4.8.1
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft Nuget
5.5
CVSSv3
CVE-2022-30184
.NET and Visual Studio Information Disclosure Vulnerability
Microsoft Visual Studio 2022
Microsoft .net Core 3.1
Microsoft Visual Studio 2019 8.10
Microsoft .net 6.0.0
Microsoft Visual Studio 2019
Microsoft Visual Studio 2022
Microsoft Nuget
Fedoraproject Fedora 35
Fedoraproject Fedora 36
8.8
CVSSv3
CVE-2019-1258
An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens, aka 'Azure Active Directory Authentication Library Elevation of Privilege Vulnerability'.
Microsoft Nuget 5.2.0
Microsoft Active Directory Authentication Library 5.0.1
Microsoft Active Directory Authentication Library 5.0.2
Microsoft Active Directory Authentication Library 5.0.3
Microsoft Active Directory Authentication Library
Microsoft Active Directory Authentication Library 5.0.0
7.8
CVSSv3
CVE-2022-41032
NuGet Client Elevation of Privilege Vulnerability
Microsoft .net Core 3.1
Microsoft .net 6.0.0
Microsoft Visual Studio 2022
Microsoft Visual Studio 2019
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
5.4
CVSSv3
CVE-2022-0243
Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets before 1.2.2.
Orchardcore Orchardcore
5.4
CVSSv3
CVE-2022-0274
Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets before 1.2.2.
Orchardcore Orchardcore
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »