Known Vulnerabilities for products from Mono-project

Listed below are 7 of the newest known vulnerabilities associated with the vendor "Mono-project".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2023-26314 json The mono package before 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-execut... 8.8 - HIGH 2023-02-22 2023-03-02
CVE-2019-0757 json A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to... 6.5 - MEDIUM 2019-04-09 2022-04-11
CVE-2015-2320 json The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSL... 9.8 - CRITICAL 2018-01-08 2018-01-30
CVE-2015-2319 json The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ci... 7.5 - HIGH 2018-01-08 2018-01-30
CVE-2015-2318 json The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently i... 8.1 - HIGH 2018-01-08 2018-01-30
CVE-2012-3543 json mono 2.10.x ASP.NET Web Form Hash collision DoS 7.5 - HIGH 2019-11-21 2020-08-18
CVE-2010-1526 json Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via (1) a crafted ... 6.8 - MEDIUM 2010-08-24 2010-12-07

Known software with vulnerabilities from Mono-project

Type Vendor Product Version
ApplicationMono-projectLibgdiplus2.6.7
ApplicationMono-projectMono0.10