ALSA-2024:0848 Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.102 and .NET Runtime 8.0.2...

Important: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

dotnet: Denial of Service in SignalR server

A denial of service vulnerability is present in the .NET applications utilizing SignalR, which a malicious client can exploit. The issue arises from inadequate validation of user-supplied input in .NET. This flaw allows a remote attacker to trigger a denial of service DoS attack by providing...

Important: Red Hat Security Advisory: dotnet7.0 security update

An update for dotnet7.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Important: Red Hat Security Advisory: dotnet6.0 security update

An update for dotnet6.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Important: Red Hat Security Advisory: dotnet6.0 security update

An update for dotnet6.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

dotnet: Denial of Service in X509Certificate2

A denial of service vulnerability exists in .NET applications with OpenSSL support when parsing X509 certificates. The issue arises from inadequate validation of user-supplied input in .NET. This flaw allows a remote attacker to trigger a denial of service DoS attack by providing specially crafte...

Cumulative Update 14 for Exchange Server 2019 (KB5035606)

Cumulative Update 14 for Exchange Server 2019 KB5035606 Important: This regularly scheduled cumulative update contains all the security fixes of the security updates in February and previous security updates. Cumulative Update 14 for Microsoft Exchange Server 2019 was released on February 13, 202...

February 13, 2024-KB5034684 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2

February 13, 2024-KB5034684 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 Release Date: February 13, 2024 Version: .NET Framework 3.5, 4.8 and 4.8.1 IMPORTANT This update is included in the Cumulative Update that's dated February 13, 2024. Parts of this updat...

February 13, 2024-KB5034614 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server 2016

February 13, 2024-KB5034614 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server 2016 Release Date: February 13, 2024 Version: .NET Framework 4.8 The February 13, 2024 update for Windows 10, version 1607 and Windows Server 2016 includes security and cumulative...

Microsoft .NET Security Vulnerabilities

Microsoft .NET is a software framework from Microsoft Corporation USA dedicated to agile software development, rapid application development, platform-agnosticism, and web transparency. A security vulnerability exists in Microsoft . The following products and versions are affected: ASP.NET Core...

February 13, 2024-KB5034682 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows Server 2022

February 13, 2024-KB5034682 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows Server 2022 Release Date: February 13, 2024 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the security and cumulative update for 3.5, 4.8 and 4.8.1 for Windows Server 2022...

ALSA-2024:0806 Important: dotnet7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.116 and .NET Runtime 7.0.16...

PowerShell is subject to remote code execution vulnerability

Microsoft Security Advisory CVE-2020-0605: .NET Framework Remote Code Execution Vulnerability Executive Summary A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability coul...

GHSA-JCMQ-5RRV-J2G4 PowerShell is subject to remote code execution vulnerability

Microsoft Security Advisory CVE-2020-0605: .NET Framework Remote Code Execution Vulnerability Executive Summary A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability coul...

BIT-DOTNET-2020-1108

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'...

BIT-DOTNET-SDK-2020-1108

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'...

CentOS 8 : .NET 8.0 (CESA-2024:0150)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:0150 advisory. - Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 - NET, .NET Framework, and...

January 23, 2024-KB5034582 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2

January 23, 2024-KB5034582 Cumulative Update Preview for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 22H2 Release Date: January 23, 2024 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the security and cumulative update for 3.5, 4.8 and 4.8.1 for Windows 10...

Amazon Linux 2023 : aspnetcore-runtime-6.0, aspnetcore-targeting-pack-6.0, dotnet (ALAS2023-2024-489)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-489 advisory. Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability CVE-2024-0056 NET, .NET Framework, and Visual Studio Security Feature Bypass...