UBUNTU-CVE-2024-0057

NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability...

KLA62822 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerability in NET, .NET...

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in several Developer Tools. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to bypass a security measure, gain bypass, gain elevated privileges and thus potentially execute arbitrary code with SYSTEM privileges. Obtaining...

PT-2024-1118

Name of the Vulnerable Software and Affected Versions .NET, .NET Framework, and Visual Studio versions prior to the fixed version Description A security-feature bypass issue affects .NET, .NET Framework, and Visual Studio, allowing remote attackers to bypass existing security restrictions. This...

Microsoft SQL Server Security Vulnerability

Microsoft SQL Server is a large commercial database system from Microsoft that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. An attacker could exploit the vulnerability to bypass certain functionality. The following products and versions are affected:...

Microsoft Windows PowerShell Code Execution / Event Log Bypass Vulnerabilities

Prior work from this researcher disclosed how PowerShell executes unintended files or BASE64 code when processing specially crafted filenames. This research builds on their PSTrojanFile work, adding a PS command line single quote bypass and PS event logging failure. On Windows CL tab, completing ...

Azure File Sync Agent v17 Release - December 2023

Azure File Sync Agent v17 Release - December 2023 This article describes the improvements and issues that are fixed in the Azure File Sync Agent v17.1 release that is dated February 2024. Additionally, this article contains installation instructions for this release. Improvements and issues that...

dotnet6.0 security update

An update is available for dotnet6.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

RLSA-2023:7258 Moderate: dotnet6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.125 and .NET Runtime 6.0.25...

Oracle Linux 9 : dotnet7.0 (ELSA-2023-7255)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7255 advisory. 7.0.114-1.0.1 - Update to .NET SDK 7.0.114 and Runtime 7.0.14 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 8 : dotnet6.0 (ELSA-2023-7258)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7258 advisory. 6.0.125-1.0.2 - Add strict BuildRequires on 6.0.125-1.0.1 6.0.125-1.0.1 - Update to .NET SDK 6.0.125 and Runtime 6.0.25 Tenable has extracted the...

The vulnerability of the Microsoft .NET Framework software, related to security configuration errors, allows a perpetrator to gain access to the hidden parts of a web application.

The vulnerability of the Microsoft.NET Framework is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to restricted parts of a web application by sending a specially crafted request...

Oracle Linux 8 : dotnet7.0 (ELSA-2023-7256)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7256 advisory. 7.0.114-1.0.1 - Update to .NET SDK 7.0.114 and Runtime 7.0.14 Tenable has extracted the preceding description block directly from the Oracle Linux...

Security Updates for Microsoft .NET Framework (November 2023)

The Microsoft .NET Framework installation on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities, as follows: - Security feature bypass in ASP.NET. An attacker can bypass the security checks that prevents an attacker from accessing internal...

Moderate: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Moderate: Red Hat Security Advisory: dotnet7.0 security update

An update for dotnet7.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Moderate: Red Hat Security Advisory: dotnet6.0 security update

An update for dotnet6.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Moderate: Red Hat Security Advisory: dotnet7.0 security update

An update for dotnet7.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Microsoft .NET Framework Multiple Vulnerabilities (KB5032007)

This host is missing an important security update according to Microsoft KB5032007 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Moderate: dotnet7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.114 and .NET Runtime 7.0.14...