mono-project

Top products

The 7 most recently published vulnerabilities affecting mono-project.

• CVE-2023-26314The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.8.8Feb 22, 2023
• CVE-2012-3543mono 2.10.x ASP.NET Web Form Hash collision DoS7.5Nov 21, 2019
• CVE-2019-0757A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager T...6.5Apr 9, 2019
• CVE-2015-2320The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback.9.8Jan 8, 2018
• CVE-2015-2318The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka...8.1Jan 8, 2018
• CVE-2015-2319The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different...7.5Jan 8, 2018
• CVE-2010-1526Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via (1) a crafted TIFF file, related to the gdip_load_tiff_image function in tiffcodec.c; ...6.8Aug 24, 2010