16 matches found
Fedora 42 : dotnet10.0 (2026-be6ea464d0)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-be6ea464d0 advisory. Update to .NET SDK 10.0.107 and Runtime 10.0.7 Fixes: CVE-2026-40372 Release Notes: - SDK:...
Fedora 43 : dotnet10.0 (2026-018d6721a0)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-018d6721a0 advisory. Update to .NET SDK 10.0.107 and Runtime 10.0.7 Fixes: CVE-2026-40372 Release Notes: - SDK:...
Important: dotnet10.0
Issue Overview: Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network. CVE-2026-40372 Affected Packages: dotnet10.0 Issue Correction: Run dnf update dotnet10.0 --releasever 2023.11.20260427 or dnf update --advisory...
Amazon Linux 2023 : aspnetcore-runtime-10.0, aspnetcore-runtime-dbg-10.0, aspnetcore-targeting-pack-10.0 (ALAS2023-2026-1634)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1634 advisory. Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network. CVE-2026-40372 Tenable has extracted the preceding description blo...
Linux Distros Unpatched Vulnerability : CVE-2026-40372
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network. CVE-2026-40372 Note that...
Microsoft Security Advisory CVE-2026-40372 – ASP.NET Core Elevation of Privilege
Executive Summary: A bug in Microsoft.AspNetCore.DataProtection 10.0.0-10.0.6 NuGet packages can give an attacker the opportunity to execute an Elevation of Privilege attack by forging authentication cookies, and also allows some protected payloads to be decrypted. If an attacker used forged...
Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug
Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges. The vulnerability, tracked as CVE-2026-40372 , carries a CVSS score of 9.1 out of 10.0. It's rated Important in severity. An anonymous researcher has...
CVE-2026-40372
creationtimestamp| type| source ---|---|--- 2026-04-21 21:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1835 2026-04-21 21:26:25+00:00| seen| Telegram/zADwex3kLz9IaLHwxMwQfRAPY0yfg2SR1HrZ5uE72Qmc 2026-04-22 02:29:17+00:00| seen|...
CVE-2026-40372 ASP.NET Core Elevation of Privilege Vulnerability
...
CVE-2026-40372 ASP.NET Core Elevation of Privilege Vulnerability
...
CVE-2026-40372
Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network...
UBUNTU-CVE-2026-40372
Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network...
Security Bulletin: IBM® Db2® is vulnerable to denial of service with a specially crafted SQL statement using External Tables. (CVE-2023-40372)
Summary IBM® Db2® is vulnerable to denial of service with a specially crafted SQL statement using External Tables. Vulnerability Details CVEID:CVE-2023-40372 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to denial of service with a specially crafted SQ...
CVE-2023-40372
creationtimestamp| type| source ---|---|--- 2023-10-17 07:32:39+00:00| seen| https://t.me/cibsecurity/72401...
CVE-2023-40372 IBM Db2 denial of service
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5 is vulnerable to denial of service with a specially crafted SQL statement using External Tables. IBM X-Force ID: 263499...
CVE-2023-40372
CVE-2023-40372 affects IBM Db2 for Linux, UNIX and Windows (including Db2 Connect Server) 11.5, vulnerable to denial of service via a specially crafted SQL statement using External Tables. IBM X-Force ID: 263499. Reported CVSS base scores in sources range from 5.3 (medium) to 7.5 (high) depending...