July 9, 2024-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 SP1 (KB5041026)

July 9, 2024-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 SP1 KB5041026 Revised July 30, 2024: Add breaking change information to known issue section. Applies to: Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.6.2 Microsoft .NE...

July 9, 2024-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 (KB5041023)

July 9, 2024-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 KB5041023 Revised August 28, 2024: Update breaking change details to known issue section.Revised July 30, 2024: Add breaking change information to known issue section. Applies...

RHEL 9 : dotnet6.0 (RHSA-2024:4439)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4439 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. N...

PT-2024-5361 · Microsoft +2 · Visual Studio +4

Name of the Vulnerable Software and Affected Versions: .NET, .NET Framework, and Visual Studio affected versions not specified Description: The issue is related to an elevation-of-privilege vulnerability in .NET, .NET Framework, and Visual Studio. It is caused by incorrect handling of symbolic...

July 9, 2024-KB5041025 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Azure Stack HCI, version 22H2

July 9, 2024-KB5041025 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Azure Stack HCI, version 22H2 Revised August 28, 2024: Update breaking change details to known issue section.Revised July 30, 2024: Add breaking change information to known issue section. Release Date: July 9, 2024...

Microsoft Visual Studio and Microsoft .NET Security Vulnerabilities

Microsoft Visual Studio and Microsoft .NET are both products of Microsoft Corporation, USA. Microsoft Visual Studio is a family of development tool suites and a fundamentally complete set of development tools that includes most of the tools needed throughout the software lifecycle. Microsoft .NET...

July 9, 2024-KB5039892 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2

July 9, 2024-KB5039892 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2 Revised August 28, 2024: Update breaking change details to known issue section.Revised July 30, 2024: Add breaking change information to known issue section. Release Date:...

KLA70414 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in .NET and Visual Studio can ...

Moderate: dotnet6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.132 and Runtime 6.0.32. Security...

ALSA-2024:4439 Moderate: dotnet6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET 6.0 to SDK 6.0.132 and Runtime 6.0.32...

CVE-2024-39677

NHibernate is an object-relational mapper for the .NET framework. A SQL injection vulnerability exists in some types implementing ILiteralType.ObjectToSQLString. Callers of these methods are exposed to the vulnerability, which includes mappings using inheritance with discriminator values; HQL...

CVE-2024-39677 NHibernate SQL injection vulnerability in discriminator mappings, static fields referenced in HQL, and some utilities

NHibernate is an object-relational mapper for the .NET framework. A SQL injection vulnerability exists in some types implementing ILiteralType.ObjectToSQLString. Callers of these methods are exposed to the vulnerability, which includes mappings using inheritance with discriminator values; HQL...

CVE-2024-39677 NHibernate SQL injection vulnerability in discriminator mappings, static fields referenced in HQL, and some utilities

NHibernate is an object-relational mapper for the .NET framework. A SQL injection vulnerability exists in some types implementing ILiteralType.ObjectToSQLString. Callers of these methods are exposed to the vulnerability, which includes mappings using inheritance with discriminator values; HQL...

CVE-2024-39677

NHibernate (.NET) has a SQL injection vulnerability affecting certain implementations of ILiteralType.ObjectToSQLString. Exposed scenarios include: discriminator-based inheritance mappings, HQL queries referencing static application fields, and use of SqlInsertBuilder/SqlUpdateBuilder AddColumn o...

ROS-20240702-01

Vulnerabilities in Microsoft Visual Studio software development tool and Microsoft.NET Framework are related to uncontrolled resource consumption. Microsoft.NET Framework is associated with uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotel...

MAL-2024-4658 Malicious code in Stl.Fusion.Ext.Services.Net (NuGet)

--- -= Per source details. Do not edit below this line.=-...

June 25, 2024-KB5040370 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2

June 25, 2024-KB5040370 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 Release Date: June 25, 2024 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the security and cumulative update for 3.5, 4.8 and 4.8.1 for Windows 10 Versio...

RLSA-2024:2842 Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.105 and .NET Runtime 8.0.5...

RLSA-2024:3340 Important: .NET 7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.119 and .NET Runtime 7.0.19...

RLSA-2024:3345 Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.105 and .NET Runtime 8.0.5...