Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nuget vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2023-29337
NuGet Client Remote Code Execution Vulnerability
Microsoft Nuget 6.5.0
Microsoft Nuget 6.4.1
Microsoft Nuget 6.3.2
Microsoft Nuget 6.2.3
Microsoft Nuget 6.0.4
Microsoft Nuget 6.6.0
5.3
CVSSv3
CVE-2023-32312
UmbracoIdentityExtensions is an Umbraco add-on package that enables easy extensibility points for ASP.Net Identity integration. In affected versions client secrets are not required which may expose some endpoints to untrusted actors. Since Umbraco is not a single-page application...
Umbraco Umbraco Identity Extensibility
5.4
CVSSv3
CVE-2023-34225
In JetBrains TeamCity prior to 2023.05 stored XSS in the NuGet feed page was possible
Jetbrains Teamcity
4.3
CVSSv3
CVE-2022-3478
An issue has been discovered in GitLab affecting all versions starting from 12.8 prior to 15.4.6, all versions starting from 15.5 prior to 15.5.5, all versions starting from 15.6 prior to 15.6.1. It was possible to trigger a DoS attack by uploading a malicious nuget package.
Gitlab Gitlab 15.6.0
Gitlab Gitlab
5.8
CVSSv3
CVE-2022-41064
.NET Framework Information Disclosure Vulnerability
Microsoft .net Framework 4.8
Microsoft .net Framework 4.8.1
Microsoft .net Framework 4.6.2
Microsoft .net Framework 4.7
Microsoft .net Framework 4.7.1
Microsoft .net Framework 4.7.2
Microsoft Nuget
7.8
CVSSv3
CVE-2022-41032
NuGet Client Elevation of Privilege Vulnerability
Microsoft .net Core 3.1
Microsoft .net 6.0.0
Microsoft Visual Studio 2022
Microsoft Visual Studio 2019
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
5.5
CVSSv3
CVE-2022-30184
.NET and Visual Studio Information Disclosure Vulnerability
Microsoft Visual Studio 2022
Microsoft .net Core 3.1
Microsoft Visual Studio 2019 8.10
Microsoft .net 6.0.0
Microsoft Visual Studio 2019
Microsoft Visual Studio 2022
Microsoft Nuget
Fedoraproject Fedora 35
Fedoraproject Fedora 36
5.4
CVSSv3
CVE-2022-0243
Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets before 1.2.2.
Orchardcore Orchardcore
5.4
CVSSv3
CVE-2022-0274
Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets before 1.2.2.
Orchardcore Orchardcore
9.1
CVSSv3
CVE-2021-21658
Jenkins Nuget Plugin 1.0 and previous versions does not configure its XML parser to prevent XML external entity (XXE) attacks.
Jenkins Nuget
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »