Filtered by vendor Mono-project
Subscriptions
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-1526 | 1 Mono-project | 1 Libgdiplus | 2024-08-07 | N/A |
| Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via (1) a crafted TIFF file, related to the gdip_load_tiff_image function in tiffcodec.c; (2) a crafted JPEG file, related to the gdip_load_jpeg_image_internal function in jpegcodec.c; or (3) a crafted BMP file, related to the gdip_read_bmp_image function in bmpcodec.c, leading to heap-based buffer overflows. | ||||
| CVE-2012-3543 | 3 Canonical, Debian, Mono-project | 3 Ubuntu Linux, Debian Linux, Mono | 2024-08-06 | 7.5 High |
| mono 2.10.x ASP.NET Web Form Hash collision DoS | ||||
| CVE-2015-2318 | 2 Debian, Mono-project | 2 Debian Linux, Mono | 2024-08-06 | N/A |
| The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue. | ||||
| CVE-2015-2320 | 2 Debian, Mono-project | 2 Debian Linux, Mono | 2024-08-06 | N/A |
| The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback. | ||||
| CVE-2015-2319 | 1 Mono-project | 1 Mono | 2024-08-06 | N/A |
| The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204. | ||||
| CVE-2019-0757 | 4 Apple, Microsoft, Mono-project and 1 more | 11 Macos, .net Core, .net Core Sdk and 8 more | 2024-08-04 | 6.5 Medium |
| A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'. | ||||
| CVE-2023-26314 | 2 Debian, Mono-project | 2 Debian Linux, Mono | 2024-08-02 | 8.8 High |
| The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter. | ||||
Page 1 of 1.