Lucene search
+L

223 matches found

nvd
nvd
added 3 days ago4 views

CVE-2026-57108

Access of resource using incompatible type 'type confusion' in .NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS0.01099EPSS
Exploits0References1
ptsecurity
ptsecurity
added 3 days ago6 views

PT-2026-58262

Name of the Vulnerable Software and Affected Versions ASP.NET Core affected versions not specified Description Resource allocation without limits or throttling allows an unauthorized attacker to cause a denial of service over a network. Recommendations At the moment, there is no information about...

7.5CVSS6.1AI score0.00798EPSS
Exploits0References3
nessus
nessus
added 3 days ago5 views

Security Update for Microsoft ASP.NET Core (CVE-2026-56170)

The Microsoft ASP.NET installations on the remote host are missing a security update. It is, therefore, affected by a denial of service vulnerability as referenced in the vendor advisory. - Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to den...

7.5CVSS6.2AI score0.00798EPSS
Exploits0References11
ptsecurity
ptsecurity
added 3 days ago5 views

PT-2026-58635

Name of the Vulnerable Software and Affected Versions .NET 8 .NET 9 .NET 10 Description An issue involving type confusion, which occurs when a program uses a resource with a type that is incompatible with the expected type, allows an unauthorized attacker to cause a denial of service over a...

7.5CVSS6.1AI score0.01099EPSS
Exploits0References3
cvelist
cvelist
added 2026/07/08 10:9 p.m.33 views

CVE-2026-54773 CoreWCF: WS-Security signature substitution via document-wide Signature lookup

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF WS-Security signature verification performs a document-wide ds:Signature lookup, allowing an unauthenticated remote attacker to place a SOAP header before wsse:Security an...

5.9CVSS0.00238EPSS
Exploits0References6
redhat
redhat
added 2026/06/29 6:18 p.m.20 views

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...

7.5CVSS7.2AI score0.0243EPSS
Exploits0References5
redhat
redhat
added 2026/06/23 6:48 p.m.9 views

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...

7.5CVSS5.9AI score0.0243EPSS
Exploits0References5
osv
osv
added 2026/06/22 5:39 a.m.4 views

BIT-DOTNET-2026-32175 .NET Core Tampering Vulnerability

A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could write arbitrary files and directories to certain locations on a vulnerable system. However, an attacker would have limited control over the...

4.3CVSS6AI score0.00711EPSS
Exploits0References2
osv
osv
added 2026/06/15 8:11 p.m.32 views

GHSA-F8H2-VMM9-QHJ6 Microsoft Security Advisory CVE-2026-45591 – ASP.NET Core Denial of Service Vulnerability

Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core SignalR and Blazor Server. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A denial of service...

7.5CVSS5.5AI score0.0243EPSS
Exploits0References6
nessus
nessus
added 2026/06/12 12:0 a.m.17 views

Security Update for Microsoft .NET Core (June 2026)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the vendor advisory. - Improper authorization in .NET allows an authorized attacker to elevate privileges locally. CVE-2026-45490 - Improp...

7.8CVSS5.9AI score0.0243EPSS
Exploits0References18
vulnrichment
vulnrichment
added 2026/06/09 5:5 p.m.8 views

CVE-2026-45591 ASP.NET Core Denial of Service Vulnerability

...

7.5CVSS5.4AI score0.0243EPSS
Exploits0References1
cve
cve
added 2026/06/09 5:5 p.m.139 views

CVE-2026-45591

CVE-2026-45591 is an ASP.NET Core Denial of Service vulnerability caused by uncontrolled resource consumption, enabling network-based DoS by an unauthorized attacker. The NVD entries describe the impact as availability loss with a CVSS v3.1 base score of 7.5 (NETWORK, HIGH) and no confidentiality...

7.5CVSS5.4AI score0.0243EPSS
Exploits0References21Affected Software2
redos
redos
added 2026/06/08 12:0 a.m.8 views

ROS-20260608-73-0013

The vulnerability of the .NET Core software platform is related to an incorrect limitation on the path name to the directory. Exploiting this vulnerability allows a remote attacker to write arbitrary files...

4.3CVSS5.7AI score0.00711EPSS
Exploits0
redos
redos
added 2026/06/08 12:0 a.m.9 views

ROS-20260608-73-0014

The vulnerability of the .NET Core software platform is related to an incorrect limitation on the path name to the directory. Exploiting this vulnerability allows a remote attacker to write arbitrary files...

4.3CVSS5.7AI score0.00711EPSS
Exploits0
redos
redos
added 2026/06/08 12:0 a.m.8 views

ROS-20260608-73-0015

The vulnerability of the .NET Core software platform is related to an incorrect limitation on the path name to the directory. Exploiting this vulnerability allows a remote attacker to write arbitrary files...

4.3CVSS5.7AI score0.00711EPSS
Exploits0
redhat
redhat
added 2026/05/27 10:3 a.m.12 views

dotnet: .NET: infinite loop allows an attacker to cause a denial of service

A flaw was found in dotnet. An infinite loop in ASP.NET Core allows an unauthenticated remote attacker to cause a denial of service over a network. This issue can lead to an application crash and a high consumption of system resources...

7.5CVSS5.8AI score0.0243EPSS
Exploits0References5
nessus
nessus
added 2026/05/25 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2026-32175

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully exploited this vulnerability could writ...

4.3CVSS6AI score0.00711EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/05/23 2:12 a.m.16 views

CVE-2026-32175

A flaw was found in dotnet. Improper handling of specially crafted files can cause a path traversal vulnerability in .NET Core, allowing an attacker who can send a malicious file to a vulnerable system to write to arbitrary files and directories in certain locations. Mitigation Mitigation for thi...

4.3CVSS5.8AI score0.00711EPSS
Exploits0References4
euvd
euvd
added 2026/05/18 7:8 p.m.28 views

EUVD-2026-29571

Microsoft Security Advisory CVE-2026-32175 – .NET Core Tampering Vulnerability...

4.3CVSS5.8AI score0.00711EPSS
Exploits0References4
nessus
nessus
added 2026/05/14 12:0 a.m.108 views

Security Update for Microsoft .NET Core (May 2026)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the vendor advisory. - A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who...

7.5CVSS6.4AI score0.0243EPSS
Exploits0References21
Rows per page
Query Builder