Lucene search
K

26 matches found

Packet Storm
Packet Storm
added 2026/04/21 12:0 a.m.136 views

📄 ASP.net 8.0.10 Core Kestrel HTTP Request Smuggling

This Metasploit auxiliary module targets a critical HTTP request smuggling vulnerability in ASP.NET Core Kestrel caused by improper parsing of malformed chunked transfer encoding notably LF-only line handling and case-variant headers like chUnKEd...

9.9CVSS5.8AI score0.66258EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.8 views

MiracleLinux 9 : dotnet9.0-9.0.111-1.el9_6.ML.1 (AXSA:2025-10978:23)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10978:23 advisory. dotnet: .NET Information Disclosure Vulnerability CVE-2025-55248 dotnet: .NET Security Feature Bypass Vulnerability CVE-2025-55315 dotnet: .NET...

9.9CVSS8.5AI score0.66258EPSS
Exploits5References4
EUVD
EUVD
added 2025/11/11 12:41 a.m.1 views

EUVD-2025-55315

Malicious code in communist-jade-coyote npm...

6.6AI score
Exploits0
Wolfi
Wolfi
added 2025/11/04 2:34 p.m.7 views

CVE-2025-55315 vulnerabilities

Vulnerabilities for packages: dotnet-bootstrap, dotnet...

9.9CVSS7.3AI score0.66258EPSS
Exploits5
MSRC
MSRC
added 2025/10/28 12:0 a.m.11 views

Understanding CVE-2025-55315: What CISOs, security engineers, and sysadmins should know

On October 14, 2025, Microsoft released a security update addressingCVE-2025-55315, a vulnerability in ASP.NET Core that allows HTTP request smuggling. While request smuggling is a known technique, this security update addresses a scenario with a high CVSS score to help encourage mitigation actio...

9.9CVSS6.9AI score0.66258EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-55315

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inconsistent interpretation of http requests 'http request/response smuggling' in ASP.NET Core allows an authorized attacker to bypass a security feature over a...

9.9CVSS7.3AI score0.66258EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2025/10/23 12:0 a.m.12 views

Amazon Linux 2023 : aspnetcore-runtime-9.0, aspnetcore-runtime-dbg-9.0, aspnetcore-targeting-pack-9.0 (ALAS2023-2025-1231)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1231 advisory. Improper link resolution before file access 'link following' in .NET allows an authorized attacker to elevate privileges locally. CVE-2025-55247 Inadequate encryption strength in .NET, .NET...

9.9CVSS8.7AI score0.66258EPSS
Exploits5References8
Tenable Nessus
Tenable Nessus
added 2025/10/21 12:0 a.m.12 views

AlmaLinux 8 : .NET 8.0 (ALSA-2025:18148)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:18148 advisory. dotnet: .NET Information Disclosure Vulnerability CVE-2025-55248 dotnet: .NET Security Feature Bypass Vulnerability CVE-2025-55315 dotnet: .NET Denial of...

9.9CVSS8.8AI score0.66258EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2025/10/21 12:0 a.m.10 views

AlmaLinux 9 : .NET 8.0 (ALSA-2025:18149)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:18149 advisory. dotnet: .NET Information Disclosure Vulnerability CVE-2025-55248 dotnet: .NET Security Feature Bypass Vulnerability CVE-2025-55315 dotnet: .NET Denial of...

9.9CVSS8.8AI score0.66258EPSS
Exploits5References5
OSV
OSV
added 2025/10/18 8:9 a.m.7 views

RLSA-2025:18153 Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.111 and .NET Runtime...

8.5CVSS6.4AI score0.66258EPSS
Exploits5References4
Rockylinux
Rockylinux
added 2025/10/18 8:9 a.m.7 views

.NET 8.0 security update

An update is available for dotnet8.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

9.9CVSS6.5AI score0.66258EPSS
Exploits5
Rockylinux
Rockylinux
added 2025/10/18 8:9 a.m.7 views

.NET 9.0 security update

An update is available for dotnet9.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

9.9CVSS6.5AI score0.66258EPSS
Exploits5
Rockylinux
Rockylinux
added 2025/10/17 8:1 a.m.5 views

.NET 9.0 security update

An update is available for dotnet9.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

9.9CVSS6.5AI score0.66258EPSS
Exploits5
SUSE CVE
SUSE CVE
added 2025/10/16 11:23 p.m.3 views

SUSE CVE-2025-55315

unknown...

9.9CVSS7AI score0.66258EPSS
Exploits5References6
Chainguard
Chainguard
added 2025/10/16 2:19 p.m.7 views

CVE-2025-55315 vulnerabilities

Vulnerabilities for packages: dotnet, dotnet-bootstrap, azure-functions-extension-bundles...

9.9CVSS7.3AI score0.66258EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2025/10/16 12:0 a.m.4 views

RHEL 9 : .NET 8.0 (RHSA-2025:18256)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:18256 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

9.9CVSS8.8AI score0.66258EPSS
Exploits5References8
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.7 views

RHEL 9 : .NET 9.0 (RHSA-2025:18151)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:18151 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

9.9CVSS8.8AI score0.66258EPSS
Exploits5References8
OSV
OSV
added 2025/10/14 8:32 p.m.7 views

GHSA-5RRX-JJJQ-Q2R5 Microsoft Security Advisory CVE-2025-55315: .NET Security Feature Bypass Vulnerability

Microsoft Security Advisory CVE-2025-55315: .NET Security Feature Bypass Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core 10.0 , ASP.NET Core 9.0 , ASP.NET Core 8.0, and ASP.NET Core 2.3. This advisory also...

9.9CVSS9.2AI score0.66258EPSS
Exploits5References5
Snyk
Snyk
added 2025/10/14 8:32 p.m.6 views

HTTP Request Smuggling

Overview Microsoft.AspNetCore.App.Runtime.osx-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of chunke...

9.9CVSS9.2AI score0.66258EPSS
Exploits5References2
Snyk
Snyk
added 2025/10/14 8:32 p.m.3 views

HTTP Request Smuggling

Overview Microsoft.AspNetCore.App.Runtime.win-x86 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of chunke...

9.9CVSS9.2AI score0.66258EPSS
Exploits5References2
Rows per page
Query Builder