Lucene search
K

1979 matches found

Nuclei
Nuclei
added yesterday138 views

Cute Editor for ASP.NET 6.4 - Cross-Site Scripting

Cute Editor for ASP.NET 6.4 contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. id:...

6.1CVSS6.4AI score0.02932EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday116 views

Umbraco <7.4.0- Server-Side Request Forgery

Umbraco before version 7.4.0 contains a server-side request forgery vulnerability in feedproxy.aspx that allows attackers to send arbitrary HTTP GET requests via http://local/Umbraco/feedproxy.aspx?url=http://127.0.0.1:80/index. id: CVE-2015-8813 info: name: Umbraco 7.4.0- Server-Side Request...

8.2CVSS7.3AI score0.11595EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/06/22 5:32 p.m.6 views

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...

7.5CVSS5.9AI score0.0243EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.8 views

Security Updates for Microsoft Visual Studio Products (June 2026)

The Microsoft Visual Studio Products are missing a security update. It is, therefore, affected by a denial of service vulnerability: - Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network. CVE-2026-45591 Note that Nessus has not tested f...

7.5CVSS5.2AI score0.0243EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.147 views

Security Update for Microsoft ASP.NET Core (June 2026)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by the following vulnerability as referenced in the vendor advisory. - Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS6AI score0.0243EPSS
Exploits0References14
RedHat Linux
RedHat Linux
added 2026/06/11 11:53 a.m.12 views

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...

7.5CVSS5.9AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/11 11:53 a.m.9 views

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...

7.5CVSS5.9AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/10 10:4 p.m.8 views

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...

7.5CVSS5.9AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/10 9:17 p.m.11 views

Important: Red Hat Security Advisory: .NET 10.0 security update

An update for .NET 10.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.5AI score0.0243EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/10 8:57 p.m.8 views

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...

7.5CVSS5.9AI score0.0243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/10 8:29 p.m.7 views

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...

7.5CVSS5.9AI score0.0243EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2026/06/09 5:5 p.m.10 views

CVE-2026-45591

Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS5.4AI score0.0243EPSS
Exploits0
Redos
Redos
added 2026/06/08 12:0 a.m.13 views

ROS-20260608-73-0003

The vulnerability of the ASP.NET Core software platform is related to errors in checking the cryptographic signature. Exploiting this vulnerability can allow an attacker, operating remotely, to increase their privileges...

9.1CVSS5.5AI score0.11205EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/28 3:46 p.m.13 views

dotnet: .NET: infinite loop allows an attacker to cause a denial of service

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-42899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Loop with unreachable exit condition 'infinite loop' in ASP.NET Core allows an unauthorized attacker to deny service over a network. CVE-2026-42899 Note that...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/23 2:12 a.m.15 views

CVE-2026-42899

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources. Mitigation Red Hat has investigated whether a possible...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References4
OSV
OSV
added 2026/05/14 8:40 a.m.12 views

BIT-DOTNET-SDK-2026-42899 ASP.NET Core Denial of Service Vulnerability

Loop with unreachable exit condition 'infinite loop' in ASP.NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References22
OSV
OSV
added 2026/05/14 8:40 a.m.8 views

BIT-DOTNET-2026-42899 ASP.NET Core Denial of Service Vulnerability

Loop with unreachable exit condition 'infinite loop' in ASP.NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References22
AlpineLinux
AlpineLinux
added 2026/05/12 4:59 p.m.9 views

CVE-2026-42899

Loop with unreachable exit condition 'infinite loop' in ASP.NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS5.8AI score0.0243EPSS
Exploits0
Redos
Redos
added 2026/04/29 12:0 a.m.9 views

ROS-20260429-73-0043

A vulnerability in the ASP.NET Core software platform is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5CVSS7.2AI score0.02818EPSS
Exploits0
Rows per page
Query Builder