Skip to main content

Csharp Software Development Kit

2 CVEs product

Monthly

CVE-2018-8531 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that Azure IoT Hub Device Client SDK using MQTT protocol accesses objects in memory, aka "Azure IoT Device Client SDK Memory Corruption. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Microsoft RCE Buffer Overflow Azure Internet Of Things Edge +1
NVD
CVSS 3.0
8.8
EPSS
15.2%
CVE-2018-8119 MEDIUM PATCH This Month

A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability.". Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Java Microsoft Information Disclosure C Software Development Kit Csharp Software Development Kit +1
NVD
CVSS 3.0
5.6
EPSS
1.1%
EPSS 15% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in the way that Azure IoT Hub Device Client SDK using MQTT protocol accesses objects in memory, aka "Azure IoT Device Client SDK Memory Corruption. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Microsoft RCE +3
NVD
EPSS 1% CVSS 5.6
MEDIUM PATCH This Month

A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability.". Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required.

Java Microsoft Information Disclosure +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy