Soroush Dalili

**Name of the Vulnerable Software and Affected Versions** ASP.NET (affected versions not specified) **Description** The issue is related to errors in security settings of the Microsoft .NET Framework platform. It allows a remote attacker to access a closed part of a web application by sending a specially formed request. This is a security-feature bypass issue that can affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ASP.NET (affected versions not specified) **Description** The issue is related to an elevation-of-privilege vulnerability in ASP.NET, which allows attackers to affect the system. This vulnerability is associated with insufficient access controls in the Microsoft .NET Framework. Exploitation of this vulnerability may enable a remote attacker to elevate their privileges. The vulnerability is also known as "Cookieless DuoDrop" and involves an IIS Auth Bypass and App Pool Privesc in the ASP-NET Framework. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Paint.NET versions prior to 4.1.2 **Description** The issue allows deserialization of untrusted data. **Recommendations** For versions prior to 4.1.2, update to version 4.1.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** WordPress versions prior to 5.2.3 **Description** The issue is related to the incorrect handling of media during upload in the WordPress content management system, specifically affecting the `wp ajax upload attachment` function. This can allow a remote attacker to compromise data integrity. The problem is also described as allowing XSS in media uploads due to the mishandling of the `wp ajax upload attachment` function. **Recommendations** For versions prior to 5.2.3, update to version 5.2.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the media upload functionality until the update can be applied.

**Name of the Vulnerable Software and Affected Versions** WordPress versions prior to 5.2.3 **Description** The issue is related to an error in the content management system of WordPress, allowing for a Cross-Site Scripting (XSS) attack when authorized users view post previews. This could enable a remote attacker to compromise data integrity. **Recommendations** For versions prior to 5.2.3, update to version 5.2.3 or later to resolve the issue. As a temporary workaround, consider restricting access to post previews for authenticated users until the update is applied.

**Name of the Vulnerable Software and Affected Versions** WordPress versions prior to 5.2.3 **Description** The issue is related to incorrect URL sanitization in the `wp kses bad protocol once` function, which can lead to cross-site scripting (XSS) attacks. This could allow a remote attacker to compromise data integrity. **Recommendations** For WordPress versions prior to 5.2.3, update to version 5.2.3 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable URL endpoints until the update is applied.

**Name of the Vulnerable Software and Affected Versions** MailEnable versions prior to 8.60 **Description** The issue allows for privilege escalation due to the mishandling of %0A in AUTH.TAB after a password-change request, which could lead to the creation of admin accounts. **Recommendations** For versions prior to 8.60, update to version 8.60 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MailEnable versions prior to 8.60 **Description** The issue allows for Directory Traversal, enabling unauthorized actions such as reading messages of other users, uploading files, and deleting files. This is due to the mishandling of "/../" and "/.. /" sequences. **Recommendations** For MailEnable versions prior to 8.60, update to version 8.60 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MailEnable versions prior to 8.60 **Description** The issue allows for XXE (XML External Entity) attacks through an XML document in the `request.aspx` `Options` parameter. **Recommendations** For versions prior to 8.60, update to version 8.60 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MailEnable versions prior to 8.60 **Description** The issue allows for Stored XSS attacks through the use of a malformed "<img/src" tag without a ">" character in the body of an e-mail message. **Recommendations** For MailEnable versions prior to 8.60, update to version 8.60 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Microsoft .NET Framework versions 2.0 through 4.7.2 **Description** A remote code execution issue exists when Microsoft .NET Framework processes untrusted input. This could allow a remote attacker to execute arbitrary code using a specially crafted document or application. An attacker who successfully exploits this issue could take control of an affected system. To exploit the issue, an attacker would need to be able to upload a specially crafted file to a web application. **Recommendations** For Microsoft .NET Framework versions 2.0 through 4.7.2, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JetBrains dotPeek versions prior to 2018.2 JetBrains ReSharper Ultimate versions prior to 2018.1.4 **Description** The issue allows attackers to execute code by decompiling a compiled .NET object, such as a DLL or EXE file, with a specific file. This is due to the deserialization of untrusted data. **Recommendations** For JetBrains dotPeek versions prior to 2018.2, update to version 2018.2 or later. For JetBrains ReSharper Ultimate versions prior to 2018.1.4, update to version 2018.1.4 or later.

**Name of the Vulnerable Software and Affected Versions** Redgate .NET Reflector versions prior to 10.0.7.774 Redgate SmartAssembly versions prior to 6.12.5 **Description** The issue allows attackers to execute code by decompiling a compiled .NET object, such as a DLL or EXE file, with a specific embedded resource file. **Recommendations** For Redgate .NET Reflector versions prior to 10.0.7.774, update to version 10.0.7.774 or later. For Redgate SmartAssembly versions prior to 6.12.5, update to version 6.12.5 or later.

**Name of the Vulnerable Software and Affected Versions** Microsoft SharePoint (affected versions not specified) **Description** A remote code execution issue exists in Microsoft SharePoint due to the software's failure to properly check the source markup of an application package. This allows an attacker to run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account by uploading a specially crafted SharePoint application package. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** .NET Framework versions 4.7.2 **Description** A Remote Code Execution issue exists in .NET software due to its failure to check the source markup of a file. This allows an attacker to run arbitrary code in the context of the current user. If the user has administrative rights, the attacker could take control of the system, install programs, view, change, or delete data, or create new accounts with full user rights. The exploitation requires a user to open a specially crafted file with an affected version of .NET. **Recommendations** For .NET Framework version 4.7.2, update to a version that includes the fix for this issue to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** Microsoft .NET Framework versions 2.0 through 4.7.2 Microsoft .NET Framework version 3.5 Microsoft .NET Framework version 3.5.1 Microsoft .NET Framework version 4.5.2 Microsoft .NET Framework version 4.6 Microsoft .NET Framework version 4.6.1 Microsoft .NET Framework version 4.6.2 Microsoft .NET Framework version 4.7 Microsoft .NET Framework version 4.7.1 **Description** A remote code execution issue exists due to improper input validation in the Microsoft .NET Framework. This could allow an attacker to take control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. The impact may be less severe for users with limited user rights compared to those operating with administrative rights. **Recommendations** For Microsoft .NET Framework version 2.0, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 3.5, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 3.5.1, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 4.5.2, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 4.6, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 4.6.1, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 4.6.2, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 4.7, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 4.7.1, update to a newer version to mitigate the risk. For Microsoft .NET Framework version 4.7.2, update to a newer version to mitigate the risk. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Internet Explorer (affected versions not specified) **Description** The issue is related to a use-after-free error when working with the CElement object, allowing remote attackers to execute arbitrary code or cause a denial of service by accessing a specially crafted website. This could corrupt memory, enabling an attacker to execute code in the context of the current user. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Jenkins versions prior to 1.491 Jenkins LTS versions prior to 1.480.1 Jenkins Enterprise versions 1.424.x prior to 1.424.6.13 Jenkins Enterprise versions 1.447.x prior to 1.447.4.1 Jenkins Enterprise versions 1.466.x prior to 1.466.10.1 **Description** A cross-site scripting (XSS) issue allows remote authenticated users with write access to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** For Jenkins versions prior to 1.491, update to version 1.491 or later. For Jenkins LTS versions prior to 1.480.1, update to version 1.480.1 or later. For Jenkins Enterprise versions 1.424.x prior to 1.424.6.13, update to version 1.424.6.13 or later. For Jenkins Enterprise versions 1.447.x prior to 1.447.4.1, update to version 1.447.4.1 or later. For Jenkins Enterprise versions 1.466.x prior to 1.466.10.1, update to version 1.466.10.1 or later.

**Name of the Vulnerable Software and Affected Versions** Jenkins versions prior to 1.491 Jenkins LTS versions prior to 1.480.1 Jenkins Enterprise versions 1.424.x prior to 1.424.6.13 Jenkins Enterprise versions 1.447.x prior to 1.447.4.1 Jenkins Enterprise versions 1.466.x prior to 1.466.10.1 **Description** The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. **Recommendations** For Jenkins versions prior to 1.491, update to version 1.491 or later. For Jenkins LTS versions prior to 1.480.1, update to version 1.480.1 or later. For Jenkins Enterprise versions 1.424.x prior to 1.424.6.13, update to version 1.424.6.13 or later. For Jenkins Enterprise versions 1.447.x prior to 1.447.4.1, update to version 1.447.4.1 or later. For Jenkins Enterprise versions 1.466.x prior to 1.466.10.1, update to version 1.466.10.1 or later.

**Name of the Vulnerable Software and Affected Versions** Jenkins versions prior to 1.491 Jenkins LTS versions prior to 1.480.1 Jenkins Enterprise versions 1.424.x prior to 1.424.6.13 Jenkins Enterprise versions 1.447.x prior to 1.447.4.1 Jenkins Enterprise versions 1.466.x prior to 1.466.10.1 **Description** The issue allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. **Recommendations** For Jenkins versions prior to 1.491, update to version 1.491 or later. For Jenkins LTS versions prior to 1.480.1, update to version 1.480.1 or later. For Jenkins Enterprise versions 1.424.x prior to 1.424.6.13, update to version 1.424.6.13 or later. For Jenkins Enterprise versions 1.447.x prior to 1.447.4.1, update to version 1.447.4.1 or later. For Jenkins Enterprise versions 1.466.x prior to 1.466.10.1, update to version 1.466.10.1 or later.