Lucene search
K

25 matches found

Github Security Blog
Github Security Blog
added 2026/06/15 8:11 p.m.8 views

Microsoft Security Advisory CVE-2026-45591 – ASP.NET Core Denial of Service Vulnerability

Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core SignalR and Blazor Server. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A denial of service...

7.5CVSS5.4AI score0.0243EPSS
Exploits0References6Affected Software4
Snyk
Snyk
added 2026/06/09 5:5 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. An attacker can exhaust system resources by sending specially crafted requests over the network, resulting in service unavailability for legitimate users. Remediation Upgrade...

8.7CVSS5.3AI score0.0243EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 7:10 p.m.9 views

Infinite loop

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Infinite loop in the...

8.7CVSS5.8AI score0.0243EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/11 9:11 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or...

8.7CVSS5.8AI score0.02818EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/10 6:41 p.m.3 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read when decoding malformed Base64Url input. An attacker can cause a disruption of service. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-arm64 to version 9.0.14, 10.0.4 or higher. References - GitHub Commi...

8.7CVSS5.8AI score0.02049EPSS
Exploits0References2
Snyk
Snyk
added 2025/10/14 8:32 p.m.7 views

HTTP Request Smuggling

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation ...

9.9CVSS9.2AI score0.66258EPSS
Exploits5References2
Snyk
Snyk
added 2025/09/08 2:41 p.m.3 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper handling of integer values in the msdia140.dll process. An attacker can execute arbitrary code by supplying specially crafted input that triggers an integer overflow and subsequent heap-bas...

7.5CVSS8.7AI score0.01764EPSS
Exploits0References2
Snyk
Snyk
added 2025/04/08 4:0 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or...

8.7CVSS6.9AI score0.01383EPSS
Exploits0References2
Snyk
Snyk
added 2025/01/14 7:46 p.m.3 views

Buffer Over-read

Overview Affected versions of this package are vulnerable to Buffer Over-read through the loading of a specially crafted file. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-arm64 to version 8.0.12, 9.0.1 or higher. References - GitHub Issue - GitHub Issue - Security Advisory...

8.8CVSS7AI score0.02262EPSS
Exploits0References2
Snyk
Snyk
added 2025/01/14 7:44 p.m.4 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow through the loading of a specially crafted file. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-arm64 to version 8.0.12, 9.0.1 or higher. References - GitHub Issue...

7.5CVSS7AI score0.01764EPSS
Exploits0References2
Snyk
Snyk
added 2024/10/08 5:43 p.m.3 views

Use After Free

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Use After Free that could allow remote code...

9.2CVSS8.3AI score0.02049EPSS
Exploits0References3
Snyk
Snyk
added 2024/08/13 7:26 p.m.3 views

Cleartext Transmission of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Transmission of Sensitive Information via the TlsStream process. An attacker can gain access to sensitive information by intercepting unencrypted data. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-arm64 to...

7.1CVSS6.8AI score0.0131EPSS
Exploits0References2
Snyk
Snyk
added 2024/07/09 9:14 p.m.4 views

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation through the parsing of X.509 certificates. An attacker can cause excessive CPU consumption and disrupt service by submitting a specially crafted malicious certificate. Remediation Upgrade...

7.5CVSS6.9AI score0.02719EPSS
Exploits0References2
Snyk
Snyk
added 2024/05/14 8:31 p.m.6 views

Race Condition

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Race Condition through the...

5.9CVSS6.8AI score0.01688EPSS
Exploits0References2
Snyk
Snyk
added 2024/05/14 8:30 p.m.3 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to a stack buffer overrun in the Double Parse routine. An attacker can execute arbitrary code by supplying a specially crafted input that triggers the buffer overrun. Remediation Upgrade...

6.3CVSS8AI score0.01248EPSS
Exploits0References2
Snyk
Snyk
added 2024/03/12 8:7 p.m.3 views

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to the handling of specially crafted requests that may cause a resource leak. An attacker can cause a denial of service by sending these requests. Details Denial of Service DoS describes a family of attacks, al...

7.5CVSS7.1AI score0.03065EPSS
Exploits0References2
Snyk
Snyk
added 2024/02/13 7:43 p.m.3 views

Denial of Service (DoS)

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Denial of Service DoS when parsing X509...

7.5CVSS9.1AI score0.02707EPSS
Exploits0References2
Snyk
Snyk
added 2023/07/11 12:0 a.m.5 views

Access Restriction Bypass

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Access Restriction Bypass. A vulnerability exi...

8.1CVSS6.9AI score0.01913EPSS
Exploits0References2
Snyk
Snyk
added 2023/06/14 12:0 a.m.5 views

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in .NET source generator for P/Invokes that can lead to generated code freeing uninitialized memory and crashing. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-arm64 to...

7.3CVSS7.8AI score0.00999EPSS
Exploits0References2
Snyk
Snyk
added 2023/06/14 12:0 a.m.3 views

Privilege Escalation

Overview Affected versions of this package are vulnerable to Privilege Escalation. A vulnerability exists in .NET when deserializing a DataSet or DataTable from XML which may result in elevation of privileges. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-arm64 to version 6.0.18,...

7.5CVSS6.9AI score0.01558EPSS
Exploits0References2
Rows per page
Query Builder