Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.117 and .NET Runtime...

.NET 9.0 security update

9.0.117-1.0.1 - Add support for Oracle Linux 9.0.117-1 - Update to .NET SDK 9.0.117 and Runtime 9.0.16 - Resolves: RHEL-173915...

RHEL 8 : .NET 9.0 (RHSA-2026:21294)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:21294 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation...

Fedora 42 : dotnet9.0 (2026-85758358ff)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-85758358ff advisory. Update to .NET SDK 9.0.117 and Runtime 9.0.16 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

Infinite loop

Overview Microsoft.AspNetCore.App.Runtime.win-x86 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Infinite loop in the FormDataReader.ProcessFormKeys...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper validation of user-supplied input in the authentication process. An attacker can gain elevated privileges by providing crafted input during local interaction. Remediation Upgrade...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper validation of user-supplied input in the authentication process. An attacker can gain elevated privileges by providing crafted input during local interaction. Remediation Upgrade...

2026-05 .NET 9.0.16 Security Update for x86 Client (KB5093448)

2026-05 .NET 9.0.16 Security Update for x86 Client KB5093448...

2026-05 .NET 9.0.16 Security Update for ARM64 Client (KB5093448)

2026-05 .NET 9.0.16 Security Update for ARM64 Client KB5093448...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses min-document which is vulnerable to CVE-2025-57352

Summary IBM Maximo Application Suite - Visual Inspection component uses min-document which is vulnerable to CVE-2025-57352, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2025-57352 DESCRIPTION: A vulnerability exists in the...

Apache Tomcat DoS Vulnerability (Mar 2019) - Linux

Apache Tomcat is prone to a denial of service vulnerability in the HTTP/2 implementation. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

ocPortal 9.0.16 Multiply XSS Vulnerabilities

Exploit Title: ocPortal 9.0.16 Multiply XSS Vulnerabilities Google Dork: "Copyright c ocPortal 2011 " Date: 26-2-2015 Exploit Author: Dennis Veninga Vendor Homepage: http://ocportal.com/ Vendor contacted: 22-2-2015 Fix: http://ocportal.com/site/news/view/securityissues/xss-vulnerability-patch.htm...

ocPortal 9.0.16 Cross Site Scripting

Exploit Title: ocPortal 9.0.16 Multiply XSS Vulnerabilities Google Dork: "Copyright c ocPortal 2011 " Date: 26-2-2015 Exploit Author: Dennis Veninga Vendor Homepage: http://ocportal.com/ Vendor contacted: 22-2-2015 Fix: http://ocportal.com/site/news/view/securityissues/xss-vulnerability-patch.htm...

Null pointer dereference

The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service NULL pointer...

PostgreSQL远程拒绝服务漏洞

BUGTRAQ ID: 65728 CVECAN ID: CVE-2014-0066 PostgreSQL是一款高级对象－关系型数据库管理系统，支持扩展的SQL标准子集。 PostgreSQL 9.3.3, 9.2.7, 9.1.12, 9.0.16, 8.4.20之前版本的chkpass扩展没有检查对crypt的调用结果，经过身份验证的数据库用户可触发此漏洞造成PostgreSQL崩溃。 0 PostgreSQL PostgreSQL 8.x 厂商补丁： PostgreSQL ---------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

[SA15738] Contelligent Preview Privilege Escalation Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...