cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-21319,https://securityvulnerability.io/vulnerability/CVE-2024-21319,Microsoft Identity Denial of service vulnerability,"A denial of service vulnerability exists within Microsoft Identity, which could allow an attacker to impair the functions of the affected services. This vulnerability may lead to disruption in user authentication and application access, resulting in negative impacts on operations relying on these critical identity services. Organizations utilizing Microsoft Identity platforms must take necessary precautions to mitigate any potential exploitation of this vulnerability, ensuring the security and continuity of their operations.",Microsoft,".net 6.0,Microsoft Visual Studio 2022 Version 17.2,Microsoft Visual Studio 2022 Version 17.6,Microsoft Visual Studio 2022 Version 17.4,Microsoft Visual Studio 2022 Version 17.8,.net 7.0,.net 8.0,Microsoft Identity Model V6.0.0 Fornuget,Microsoft Identity Model V7.0.0 For Nuget,Microsoft Identity Model V6.0.0,Microsoft Identity Model V5.0.0,Microsoft Identity Model V7.0.0,Microsoft Identity Model V5.0.0 For Nuget",6.8,MEDIUM,0.0005300000193528831,false,false,false,false,,false,false,2024-01-09T18:59:01.270Z,0
CVE-2024-0057,https://securityvulnerability.io/vulnerability/CVE-2024-0057,"NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability","A vulnerability exists in the .NET Framework and Visual Studio that allows an attacker to bypass security features. This can enable unauthorized access to system functions that would typically be restricted. The potential exploit could lead to increased risk for applications utilizing these frameworks if not addressed. Microsoft has highlighted this in its advisory, emphasizing the need for developers and IT administrators to apply patches and updates to safeguard their environments from potential exploitation.",Microsoft,".net 8.0,.net 7.0,.net 6.0,Microsoft Visual Studio 2022 Version 17.2,Microsoft Visual Studio 2019 Version 16.11 (includes 16.0 - 16.10),Microsoft Visual Studio 2022 Version 17.4,Microsoft Visual Studio 2022 Version 17.6,Microsoft Visual Studio 2022 Version 17.8,Nuget 5.11.0,Nuget 17.4.0,Nuget 17.6.0,Nuget 17.8.0,Powershell 7.2,Powershell 7.3,Powershell 7.4,Microsoft .net Framework 4.8,Microsoft .net Framework 3.5 And 4.8,Microsoft .net Framework 3.5 And 4.7.2,Microsoft .net Framework 4.6.2/4.7/4.7.1/4.7.2,Microsoft .net Framework 3.5 And 4.8.1,Microsoft .net Framework 2.0 Service Pack 2,Microsoft .net Framework 3.0 Service Pack 2",9.1,CRITICAL,0.0012100000167265534,false,true,false,true,,false,false,2024-01-09T18:15:00.000Z,0
CVE-2023-29337,https://securityvulnerability.io/vulnerability/CVE-2023-29337,NuGet Client Remote Code Execution Vulnerability,NuGet Client Remote Code Execution Vulnerability,Microsoft,"Nuget 6.2.3,Nuget 6.4.1,Nuget 6.5.0,Nuget 6.3.2,Nuget 6.0.4,Nuget 6.6.0,Nuget 5.11.4",7.1,HIGH,0.0013099999632686377,false,false,false,false,,false,false,2023-06-14T15:15:00.000Z,0
CVE-2022-41064,https://securityvulnerability.io/vulnerability/CVE-2022-41064,.NET Framework Information Disclosure Vulnerability,.NET Framework Information Disclosure Vulnerability,Microsoft,"Nuget 2.1.2,Nuget 4.8.5,Microsoft .net Framework 4.8,Microsoft .net Framework 3.5 And 4.6.2/4.7/4.7.1/4.7.2,Microsoft .net Framework 4.7.2,Microsoft .net Framework 4.8.1,Microsoft .net Framework 4.6.2/4.7/4.7.1/4.7.2,Microsoft .net Framework 4.6.2,Microsoft .net Framework 4.6/4.6.2",5.8,MEDIUM,0.0006900000153109431,false,false,false,false,,false,false,2022-11-09T00:00:00.000Z,0
CVE-2019-1258,https://securityvulnerability.io/vulnerability/CVE-2019-1258,Azure Active Directory Authentication Library Elevation of Privilege Vulnerability,"An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-Behalf-Of flow, in the way the library caches tokens. This vulnerability allows an authenticated attacker to perform actions in context of another user.
The authenticated attacker can exploit this vulneraiblity by accessing a service configured for On-Behalf-Of flow that assigns incorrect tokens.
This security update addresses the vulnerability by removing fallback cache look-up for On-Behalf-Of scenarios.
",Microsoft,"Adal.net,Nuget 5.2.0",8.8,HIGH,0.0017399999778717756,false,false,false,false,,false,false,2019-08-14T20:55:06.000Z,0
CVE-2019-0976,https://securityvulnerability.io/vulnerability/CVE-2019-0976,,"A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default ""obj""), aka 'NuGet Package Manager Tampering Vulnerability'.",Microsoft,Nuget,5.5,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2019-05-16T18:24:57.000Z,0
CVE-2019-0757,https://securityvulnerability.io/vulnerability/CVE-2019-0757,,"A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.",Microsoft,"Microsoft Visual Studio,.net Core Sdk,Nuget,Mono Framework",6.5,MEDIUM,0.0008099999977275729,false,false,false,false,,false,false,2019-04-09T01:51:25.000Z,0