Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Powershell
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 16 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-12-18 | CVE-2023-48795 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles... | Kitty, Sshd, Sshj, Macos, Asyncssh, Ssh_client, Ssh_server, Sshlib, Thrussh, Crushftp, Debian_linux, Dropbear_ssh, Erlang\/otp, Fedora, Filezilla_client, Freebsd, Security, Crypto, Maverick_synergy_java_ssh_api, Lanconfig, Lcos, Lcos_fx, Lcos_lx, Lcos_sx, Libssh, Libssh2, Jsch, Powershell, Net\-Ssh, Pfsense_ce, Pfsense_plus, Xshell_7, Openssh, Cyclone_ssh, Nova, Transmit_5, Paramiko, Proftpd, Putty, Advanced_cluster_security, Ceph_storage, Cert\-Manager_operator_for_red_hat_openshift, Discovery, Enterprise_linux, Jboss_enterprise_application_platform, Keycloak, Openshift_api_for_data_protection, Openshift_container_platform, Openshift_data_foundation, Openshift_dev_spaces, Openshift_developer_tools_and_services, Openshift_gitops, Openshift_pipelines, Openshift_serverless, Openshift_virtualization, Openstack_platform, Single_sign\-On, Storage, Pkixssh, Russh, Sftpgo, Ssh, Ssh2, Tera_term, Sftp_gateway_firmware, Tinyssh, Ssh2, Securecrt, Winscp | 5.9 | ||
| 2024-03-12 | CVE-2024-21392 | .NET and Visual Studio Denial of Service Vulnerability | \.net, Powershell, Visual_studio_2022 | N/A | ||
| 2020-05-21 | CVE-2020-1108 | A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'. | \.net, \.net_core, \.net_framework, Powershell, Powershell_core, Visual_studio_2017, Visual_studio_2019 | 7.5 | ||
| 2020-09-15 | CVE-2020-8927 | A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits. | Ubuntu_linux, Debian_linux, Fedora, Brotli, \.net, \.net_core, Powershell, Visual_studio_2019, Visual_studio_2022, Leap | 6.5 | ||
| 2021-10-13 | CVE-2021-41355 | .NET Core and Visual Studio Information Disclosure Vulnerability | \.net, Powershell, Visual_studio_2019 | N/A | ||
| 2021-12-15 | CVE-2021-43896 | Microsoft PowerShell Spoofing Vulnerability | Powershell | 5.5 | ||
| 2022-03-09 | CVE-2022-24512 | .NET and Visual Studio Remote Code Execution Vulnerability | Fedora, \.net, \.net_core, Powershell, Visual_studio_2019, Visual_studio_2022 | N/A | ||
| 2022-04-15 | CVE-2022-26788 | PowerShell Elevation of Privilege Vulnerability | Powershell, Windows_10, Windows_11, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022 | N/A | ||
| 2022-05-10 | CVE-2022-23267 | .NET and Visual Studio Denial of Service Vulnerability | Fedora, \.net, \.net_core, Powershell, Visual_studio_2019, Visual_studio_2022 | N/A | ||
| 2022-08-09 | CVE-2022-34716 | .NET Spoofing Vulnerability | \.net, \.net_core, Powershell | N/A |