Denial of service

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability...

Remote code execution

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability...

Remote code execution

.NET Framework Remote Code Execution Vulnerability...

CVE-2023-29331 .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

...

CVE-2023-24936

CVE-2023-24936 is a .NET/Visual Studio Elevation of Privilege vulnerability. IBM’s bulletin describes remote exploitation via a crafted request that could allow arbitrary code execution with admin privileges; affected IBM RPA for Cloud Pak versions require updating to 21.0.7.7 (or 23.0.8) to miti...

CVE-2023-29331 .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

...

CVE-2023-29331

CVE-2023-29331 affects .NET, .NET Framework, and Visual Studio and is a Denial of Service vulnerability related to processing X.509 certificates. The entry has concrete details in connected docs: CVSS v3.1 base score 7.5 (HIGH) with network access, no user interaction, and Affected components inc...

CVE-2023-24936 .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

...

CVE-2023-24895

CVE-2023-24895 is a .NET Framework/Visual Studio remote code execution vulnerability due to improper input validation. It is listed with a CVSS v3 base score of 7.8 (HIGH), vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The connected sources identify CVE-2023-24895 as an Improper Input Vali...

CVE-2023-29326

CVE-2023-29326 is a .NET Framework remote code execution vulnerability affecting WPF/BAML handling in .NET Framework. The connected docs indicate it is addressed by Microsoft security updates (e.g., KB5027531/KB5027532 and related CVE mappings in the June 2023 updates). Exploitation details are n...

CVE-2023-29326 .NET Framework Remote Code Execution Vulnerability

...

CVE-2023-29326 .NET Framework Remote Code Execution Vulnerability

...

CVE-2023-24897 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

...

CVE-2023-24897

CVE-2023-24897 covers a .NET/.NET Framework/Visual Studio Remote Code Execution vulnerability. Public advisories attribute the flaw to the MSDIA SDK (causing heap overflow due to corrupted PDBs) and enable RCE under certain conditions. Affected products include .NET 6/7 runtimes and corresponding...

CVE-2023-24897 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

...

Important: Red Hat Security Advisory: .NET 7.0 security, bug fix, and enhancement update

An update for .NET 7.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

dotnet: Bypass restrictions when deserializing a DataSet or DataTable from XML

A flaw was found in dotnet. This issue can allow bypass restrictions when deserializing a DataSet or DataTable from XML...

Important: Red Hat Security Advisory: .NET 7.0 security, bug fix, and enhancement update

An update for .NET 7.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Important: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Important: Red Hat Security Advisory: .NET 6.0 security, bug fix, and enhancement update

An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...