Known Vulnerabilities for products from Mono
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Mono".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34760 | Not Provided | 2026-04-02 | 2026-04-02 | |
| CVE-2020-12473 | MonoX through 5.1.40.5152 allows admins to execute arbitrary programs by reconfiguring the Converter Executable setting from ... | 7.2 - HIGH | 2020-04-29 | 2021-07-21 |
| CVE-2020-12472 | MonoX through 5.1.40.5152 allows stored XSS via User Status, Blog Comments, or Blog Description. | 5.4 - MEDIUM | 2020-04-29 | 2020-05-04 |
| CVE-2020-12471 | MonoX through 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or Pages/SocialNetworking/lng/en-US/PhotoGallery.... | 9.8 - CRITICAL | 2020-04-29 | 2020-05-04 |
| CVE-2020-12470 | MonoX through 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX template. | 7.2 - HIGH | 2020-04-29 | 2020-05-04 |
| CVE-2012-3382 | Cross-site scripting (XSS) vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandl... | 4.3 - MEDIUM | 2012-07-12 | 2013-04-05 |
| CVE-2011-0992 | Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers t... | 5.8 - MEDIUM | 2011-04-13 | 2017-08-17 |
| CVE-2011-0991 | Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers t... | 6.8 - MEDIUM | 2011-04-13 | 2017-08-17 |
| CVE-2011-0990 | Race condition in the FastCopy optimization in the Array.Copy method in metadata/icall.c in Mono, when Moonlight 2.x before 2... | 5.8 - MEDIUM | 2011-04-13 | 2017-08-17 |
| CVE-2011-0989 | The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 i... | 5.8 - MEDIUM | 2011-04-13 | 2017-08-17 |
| CVE-2010-4254 | Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic metho... | 7.5 - HIGH | 2010-12-06 | 2011-02-02 |
| CVE-2010-4225 | Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x before 2.8.2 allows remote attackers to obtain the sou... | 5 - MEDIUM | 2011-01-11 | 2017-08-17 |
| CVE-2010-4159 | Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 and earlier allows local users to gain privileges via a ... | 6.9 - MEDIUM | 2010-11-17 | 2010-12-09 |
| CVE-2010-1459 | The default configuration of ASP.NET in Mono before 2.6.4 has a value of FALSE for the EnableViewStateMac property, which all... | 4.3 - MEDIUM | 2010-05-27 | 2010-09-09 |
| CVE-2008-3906 | CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and ... | 4.3 - MEDIUM | 2008-09-04 | 2018-10-11 |
| CVE-2008-3422 | Multiple cross-site scripting (XSS) vulnerabilities in the ASP.net class libraries in Mono 2.0 and earlier allow remote attac... | 4.3 - MEDIUM | 2008-07-31 | 2018-10-03 |
| CVE-2007-5473 | StaticFileHandler.cs in System.Web in Mono before 1.2.5.2, when running on Windows, allows remote attackers to obtain source ... | 5 - MEDIUM | 2007-10-18 | 2017-07-29 |
| CVE-2007-5197 | Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute a... | 7.5 - HIGH | 2007-11-02 | 2018-10-30 |
| CVE-2006-6104 | The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which al... | 5 - MEDIUM | 2006-12-21 | 2018-10-17 |
| CVE-2006-5072 | The System.CodeDom.Compiler classes in Novell Mono create temporary files with insecure permissions, which allows local users... | 6.2 - MEDIUM | 2006-10-10 | 2017-07-20 |