4664 matches found
CVE-2026-4767
Missing authentication for critical function vulnerability in TR7 Cyber Defense Inc. WAF-ASP allows Authentication Abuse. This issue affects WAF-ASP: from v1.0.324.900 before v1.4.0.117...
EUVD-2026-41371
Missing authentication for critical function vulnerability in TR7 Cyber Defense Inc. WAF-ASP allows Authentication Abuse. This issue affects WAF-ASP: from v1.0.324.900 before v1.4.0.117...
EUVD-2026-41370
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in TR7 Cyber Defense Inc. WAF-ASP allows Stored XSS. This issue affects WAF-ASP: from v1.0.324.900 before v1.4.0.117...
CVE-2026-4772
CVE-2026-4772 describes a stored cross-site scripting vulnerability in TR7 Cyber Defense Inc. WAF-ASP. Affected versions range from v1.0.324.900 up to, but not including, v1.4.0.117. The issue arises from improper neutralization of input during web page generation. The CVE is confirmed by multipl...
dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption
A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...
BIT-DOTNET-SDK-2026-45591 ASP.NET Core Denial of Service Vulnerability
Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network...
BIT-ASPNET-CORE-2026-45591 ASP.NET Core Denial of Service Vulnerability
Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network...
RHEL 9 : .NET 8.0 (RHSA-2026:28011)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28011 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinity on ASP chip The ASP chip is a very old variant of the GSP chip and is used, for example, in HP 730 workstations. When attempting to reprogram the affinity setting, the system may crash, especiall...
EUVD-2026-35549
Microsoft Security Advisory CVE-2026-45591 – ASP.NET Core Denial of Service Vulnerability...
.NET 8.0 security update
An update is available for dotnet8.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...
RockyLinux 10 : .NET 9.0 (RLSA-2026:25112)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:25112 advisory. dotnet: .NET: Local file tampering via link following vulnerability CVE-2026-45491 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource...
RockyLinux 8 : .NET 9.0 (RLSA-2026:25113)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:25113 advisory. dotnet: .NET: Local file tampering via link following vulnerability CVE-2026-45491 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource...
RockyLinux 10 : .NET 8.0 (RLSA-2026:25111)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:25111 advisory. dotnet: .NET: Local file tampering via link following vulnerability CVE-2026-45491 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource...
dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption
A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...
ALSA-2026:25220 Important: .NET 8.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.128 and .NET Runtime...
AlmaLinux 8 : .NET 9.0 (ALSA-2026:25113)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:25113 advisory. dotnet: .NET: Local file tampering via link following vulnerability CVE-2026-45491 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource...
AlmaLinux 10 : .NET 10.0 (ALSA-2026:25115)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:25115 advisory. dotnet: .NET: Local file tampering via link following vulnerability CVE-2026-45491 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource...
AlmaLinux 10 : .NET 8.0 (ALSA-2026:25111)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:25111 advisory. dotnet: .NET: Local file tampering via link following vulnerability CVE-2026-45491 dotnet: ASP.NET Core: Denial of Service via uncontrolled resource...
RHEL 9 : .NET 10.0 (RHSA-2026:25222)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25222 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...