1206 matches found
RLSA-2026:8470 Important: .NET 8.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.126 and .NET Runtime...
CVE-2026-5426
Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote code execution via malicious ViewState deserialization attacks...
Oracle Linux 9 : .NET / 10.0 (ELSA-2026-8471)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8471 advisory. 10.0.106-1.0.1 - Add support for Oracle Linux 10.0.106-1 - Update to .NET SDK 10.0.106 and Runtime 10.0.6 - Resolves: RHEL-163384 Tenable has extracted...
EUVD-2026-23271
Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote code execution via malicious ViewState deserialization attacks...
dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform
A flaw was found in .NET. A remote attacker could exploit this vulnerability by crafting a malicious XML document that triggers an infinite recursion within the XmlDecryptionTransform component. This could lead to a Denial of Service DoS, making the affected system unresponsive...
The vulnerability of the .NET software platform, related to the failure to take measures to neutralize special elements, allows attackers to perform spoofing attacks.
The vulnerability of the .NET software platform is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a malicious actor to perform spear-phishing attacks remotely...
RHEL 9 : .NET 9.0 (RHSA-2026:8474)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:8474 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...
EUVD-2026-22404
Microsoft Security Advisory CVE-2026-26171 – .NET Denial of Service Vulnerability...
GHSA-VMWF-M9C5-3JVC Microsoft Security Advisory CVE-2026-32178 – .NET Spoofing Vulnerability
Executive Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0, .NET 9.0, and .NET 10.0. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A vulnerability exists in...
CVE-2026-32178
A flaw was found in the .NET runtime System.Net.Mail in how email address data is parsed. Improper neutralization of special characters, specifically carriage return and line feed CR/LF sequences, may allow specially crafted email address input to be interpreted incorrectly. An attacker could...
CVE-2026-32226
A flaw was found in .NET Framework. This vulnerability, a race condition, allows an unauthorized attacker to exploit improper synchronization when shared resources are concurrently executed. This can lead to a Denial of Service DoS over a network, making the affected system or application...
EUVD-2026-22363
Concurrent execution using shared resource with improper synchronization 'race condition' in .NET Framework allows an unauthorized attacker to deny service over a network...
CVE-2026-33116
Loop with unreachable exit condition 'infinite loop' in .NET, .NET Framework, Visual Studio allows an unauthorized attacker to deny service over a network...
CVE-2026-23666
Improper input validation in .NET Framework allows an unauthorized attacker to deny service over a network...
2026-04 .NET Framework 3.5 Security Update (KB5084165)
2026-04 Cumulative Update for .NET Framework 3.5 for Windows 11, version 26H1 for arm64...
2026-04 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 for x64 (KB5082411)
2026-04 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 for x64 KB5082411...
2026-04 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 for x64 (KB5082411)
2026-04 Cumulative Update for .NET Framework 4.8 for Windows Server 2016 for x64 KB5082411...
2026-04 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 (KB5082411)
2026-04 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1607 KB5082411...
2026-04 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2 for x64 (KB5082418)
2026-04 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2 for x64 KB5082418...
CVE-2026-23666
Improper input validation in .NET Framework allows an unauthorized attacker to deny service over a network...