RLSA-2022:5046 Moderate: .NET 6.0 security and bugfix update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.106 and .NET Runtime 6.0.6...

June 14, 2022—KB5014697 (OS Build 22000.739)

June 14, 2022—KB5014697 OS Build 22000.739 Note: To improve the information presented in the history pages and related KBs and make them more useful to our customers, we have created an anonymous survey for you to share your comments and feedback. For information about Windows update terminology,...

June 14, 2022-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 (KB5014807)

June 14, 2022-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 KB5014807 Applies to:Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2...

COM-Hunter - COM Hijacking VOODOO

COM Hijacking VOODOO COM-hunter is a COM Hijacking persistnce tool written in C. This tool was inspired during the RTO course of @zeropointsecltd Features Finds out entry valid CLSIDs in the victim's machine. Finds out valid CLSIDs via Task Scheduler in the victim's machine. Finds out if someone...

Microsoft Windows Remote Code Execution Vulnerability

A remote code execution vulnerability exists when components of Windows, .NET Framework, Office, Lync, and Silverlight fail to properly handle TrueType fonts...

GHSA-G5VF-38CP-4PX9 .NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'...

.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'...

.NET Core & .NET Framework Denial of Service Vulnerability

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'...

GHSA-3W5P-JHP5-C29Q .NET Core & .NET Framework Denial of Service Vulnerability

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'...

GHSA-5F2M-466J-3848 Denial of service in ASP.NET Core

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0980...

Denial of service in ASP.NET Core

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0980...

Denial of service in ASP.NET Core

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981...

GHSA-XHFC-GR8F-FFWC Denial of service in ASP.NET Core

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981...

May 24, 2022-KB5014090 Cumulative Update Preview for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10, version 1809 and Windows Server, version 2019

May 24, 2022-KB5014090 Cumulative Update Preview for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10, version 1809 and Windows Server, version 2019 Release Date: May 24, 2022 Version: .NET Framework 3.5, 4.7.2 and 4.8 Summary This article describes the Cumulative Update for 3.5, 4.7.2 and 4.8 fo...

Important: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Improper Input Validation in Microsoft.NETCore.App

Microsoft .NET Framework 4.6, 4.6.1, 4.6.2, and 4.7 allow an attacker to send specially crafted requests to a .NET web application, resulting in denial of service, aka .NET Denial of Service Vulnerability...

Microsoft Security Update Validation May 2022

Microsoft’s May 2022 security updates have passed Citrix testing the updates are listed below. The testing is not all-inclusive; all tests are executed against English-only environments and issues may still be found upon implementation. Follow best practices for testing and installing software...

IpMatcher 1.0.4.1 Server-Side Request Forgery Vulnerability

IpMatcher versions 1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2 incorrectly validates octal and hexadecimal input data which can lead to indeterminate server-side request forgery, local file inclusion, remote file inclusion, and denial of service vectors. Exploit Title: SSRF in .N...

Improper Certificate Validation in Microsoft .NET Framework components

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework...

GHSA-P9WX-V264-Q34P Improper Certificate Validation in Microsoft .NET Framework components

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework...