CVE-2023-29326

CVE-2023-29326 is a .NET Framework remote code execution vulnerability affecting WPF/BAML handling in .NET Framework. The connected docs indicate it is addressed by Microsoft security updates (e.g., KB5027531/KB5027532 and related CVE mappings in the June 2023 updates). Exploitation details are n...

CVE-2023-29326 .NET Framework Remote Code Execution Vulnerability

...

CVE-2023-24897 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

...

CVE-2023-24897

CVE-2023-24897 covers a .NET/.NET Framework/Visual Studio Remote Code Execution vulnerability. Public advisories attribute the flaw to the MSDIA SDK (causing heap overflow due to corrupted PDBs) and enable RCE under certain conditions. Affected products include .NET 6/7 runtimes and corresponding...

CVE-2023-24897 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

...

Important: Red Hat Security Advisory: .NET 7.0 security, bug fix, and enhancement update

An update for .NET 7.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

dotnet: Bypass restrictions when deserializing a DataSet or DataTable from XML

A flaw was found in dotnet. This issue can allow bypass restrictions when deserializing a DataSet or DataTable from XML...

Important: Red Hat Security Advisory: .NET 7.0 security, bug fix, and enhancement update

An update for .NET 7.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Important: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Important: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Important: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Microsoft fixes six critical vulnerabilities in June Patch Tuesday

Its that time of the month again: We're looking at June's Patch Tuesday roundup. Microsoft has released its monthly update, and compared to previous months, its actually not so bad. No actively exploited zero-days and only six critical vulnerabilities. So, well have the luxury of going over those...

ALSA-2023:3581 Important: .NET 6.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.118 and .NET Runtime 6.0.18. The...

Important: .NET 7.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.7. The...

Microsoft .NET Framework Multiple Vulnerabilities (KB5027537)

This host is missing an important security update according to Microsoft KB5027537 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Important: .NET 6.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.118 and .NET Runtime 6.0.18. The...

Microsoft .NET Framework Multiple Vulnerabilities (KB5027538)

This host is missing an important security update according to Microsoft KB5027538 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

ALSA-2023:3592 Important: .NET 7.0 security, bug fix, and enhancement update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.7. The...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. A vulnerability exists in .NET when processing malicious X.509 client certificates that may consume excessive CPU. Details Denial of Service DoS describes a family of attacks, all aimed at making a system...

2023-06 Security and Quality Rollup for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded Standard 7 for x64 (KB5027540)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...