Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.8 views

Fedora 42 : dotnet10.0 (2026-be6ea464d0)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-be6ea464d0 advisory. Update to .NET SDK 10.0.107 and Runtime 10.0.7 Fixes: CVE-2026-40372 Release Notes: - SDK:...

9.1CVSS6AI score0.11205EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.6 views

Fedora 43 : dotnet10.0 (2026-018d6721a0)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-018d6721a0 advisory. Update to .NET SDK 10.0.107 and Runtime 10.0.7 Fixes: CVE-2026-40372 Release Notes: - SDK:...

9.1CVSS6AI score0.11205EPSS
Exploits0References2
Amazon
Amazon
added 2026/04/30 12:0 a.m.8 views

Important: dotnet10.0

Issue Overview: Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network. CVE-2026-40372 Affected Packages: dotnet10.0 Issue Correction: Run dnf update dotnet10.0 --releasever 2023.11.20260427 or dnf update --advisory...

9.1CVSS5.2AI score0.11205EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.7 views

Amazon Linux 2023 : aspnetcore-runtime-10.0, aspnetcore-runtime-dbg-10.0, aspnetcore-targeting-pack-10.0 (ALAS2023-2026-1634)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1634 advisory. Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network. CVE-2026-40372 Tenable has extracted the preceding description blo...

9.1CVSS6AI score0.11205EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/29 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-40372

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network. CVE-2026-40372 Note that...

9.1CVSS5.7AI score0.11205EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/23 2:55 p.m.65 views

Microsoft Security Advisory CVE-2026-40372 – ASP.NET Core Elevation of Privilege

Executive Summary: A bug in Microsoft.AspNetCore.DataProtection 10.0.0-10.0.6 NuGet packages can give an attacker the opportunity to execute an Elevation of Privilege attack by forging authentication cookies, and also allows some protected payloads to be decrypted. If an attacker used forged...

9.1CVSS6.2AI score0.11205EPSS
Exploits0References5Affected Software1
The Hacker News
The Hacker News
added 2026/04/22 9:29 a.m.18 views

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug

Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges. The vulnerability, tracked as CVE-2026-40372 , carries a CVSS score of 9.1 out of 10.0. It's rated Important in severity. An anonymous researcher has...

9.1CVSS5.8AI score0.11205EPSS
Exploits0
Circl
Circl
added 2026/04/21 9:0 p.m.5 views

CVE-2026-40372

creationtimestamp| type| source ---|---|--- 2026-04-21 21:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1835 2026-04-21 21:26:25+00:00| seen| Telegram/zADwex3kLz9IaLHwxMwQfRAPY0yfg2SR1HrZ5uE72Qmc 2026-04-22 02:29:17+00:00| seen|...

9.1CVSS5.6AI score0.11205EPSS
Exploits0References63
Vulnrichment
Vulnrichment
added 2026/04/21 7:20 p.m.5 views

CVE-2026-40372 ASP.NET Core Elevation of Privilege Vulnerability

...

9.1CVSS5.7AI score0.11205EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/21 7:20 p.m.144 views

CVE-2026-40372 ASP.NET Core Elevation of Privilege Vulnerability

...

9.1CVSS0.11205EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/04/21 7:20 p.m.5 views

CVE-2026-40372

Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network...

9.1CVSS5.8AI score0.11205EPSS
Exploits0
OSV
OSV
added 2026/04/21 12:0 a.m.5 views

UBUNTU-CVE-2026-40372

Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network...

9.1CVSS5.6AI score0.11205EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/18 4:8 p.m.40 views

Security Bulletin: IBM® Db2® is vulnerable to denial of service with a specially crafted SQL statement using External Tables. (CVE-2023-40372)

Summary IBM® Db2® is vulnerable to denial of service with a specially crafted SQL statement using External Tables. Vulnerability Details CVEID:CVE-2023-40372 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to denial of service with a specially crafted SQ...

7.5CVSS7.2AI score0.00812EPSS
Exploits0Affected Software1
Circl
Circl
added 2023/10/17 7:32 a.m.4 views

CVE-2023-40372

creationtimestamp| type| source ---|---|--- 2023-10-17 07:32:39+00:00| seen| https://t.me/cibsecurity/72401...

7.5CVSS7.9AI score0.00812EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/16 11:2 p.m.16 views

CVE-2023-40372 IBM Db2 denial of service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5 is vulnerable to denial of service with a specially crafted SQL statement using External Tables. IBM X-Force ID: 263499...

5.3CVSS7.5AI score0.00812EPSS
Exploits0References3
CVE
CVE
added 2023/10/16 11:2 p.m.87 views

CVE-2023-40372

CVE-2023-40372 affects IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server) 11.5, vulnerable to denial of service via a specially crafted SQL statement using External Tables. IBM X-Force ID: 263499. Reported CVSS base scores in sources range from 5.3 (medium) to 7.5 (high) depending...

7.5CVSS6.2AI score0.00812EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder