4664 matches found
CVE-2026-6022 Uncontrolled Resource Consumption Vulnerability in Telerik UI for ASP.NET AJAX
In Progress® Telerik® UI for AJAX prior to 2026.1.421, RadAsyncUpload contains an uncontrolled resource consumption vulnerability that allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, leading to disk space exhaustion...
CVE-2026-6022
CVE-2026-6022 affects Progress Telerik UI for ASP.NET AJAX (RadAsyncUpload). Before 2026.1.421, RadAsyncUpload allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, causing disk space exhaustion. Affected: RadAsyncUpload in T...
CVE-2026-40372
ASP.NET Core has a elevation-of-privilege vulnerability (CVE-2026-40372) due to improper verification of a cryptographic signature. The issue affects ASP.NET Core components where signature verification is required, enabling a remote attacker to elevate privileges over a network without user inte...
UBUNTU-CVE-2026-40372
Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network...
📄 ASP.net 8.0.10 Core Kestrel HTTP Request Smuggling
This Metasploit auxiliary module targets a critical HTTP request smuggling vulnerability in ASP.NET Core Kestrel caused by improper parsing of malformed chunked transfer encoding notably LF-only line handling and case-variant headers like chUnKEd...
CVE-2026-6560
A security vulnerability has been detected in H3C Magic B0 up to 100R002. This vulnerability affects the function EditBasicSSID of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed public...
CVE-2026-6581
A vulnerability was detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function SetMobileAPInfoById of the file /goform/aspForm. Performing a manipulation of the argument param results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now...
EUVD-2026-23690
A vulnerability has been found in H3C Magic B1 up to 100R004. The affected element is the function SetAPWifiorLedInfoById of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to...
H3C Magic B0 安全漏洞
H3C Magic B0 is a small wireless router produced by H3C Corporation. Versions of H3C Magic B0 including the 100R002 model had security vulnerabilities. These vulnerabilities stemmed from improper handling of parameters in the file/goform/aspForm, which could lead to buffer overflows...
PT-2026-37048
Name of the Vulnerable Software and Affected Versions D-Link DI-8100 version 16.07.26A1 Description A buffer overflow can be triggered remotely via the POST Parameter Handler component. The issue exists within the url rule asp function of the '/url rule.asp' endpoint. Recommendations At the momen...
DNN 安全漏洞
DNN also known as DotNetNuke is an open-source content management system CMS developed by the American company DNN, supported by Microsoft and based on the ASP.NET platform. This system features easy installation, scalability, and rich functionality. Versions of DNN prior to 10.2.2 contained...
D-Link DI-8003 Buffer Overflow Vulnerability (CNVD-2026-17632)
The D-Link DI-8003 is a wireless router from China-based AUO D-Link. The D-Link DI-8003 suffers from a buffer overflow vulnerability caused by incorrect boundary checking in the tggl.asp script, which can be exploited by an attacker to cause a denial of service...
CVE-2025-50647
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1, specifically in the handling of the wans parameter in the qos.asp endpoint...
CVE-2025-50648
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate input validation in the /tggl.asp endpoint...
CVE-2025-45058
D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fx parameter in the jingxasp function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
EUVD-2025-209325
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to insufficient input validation on the name parameter in the /qostypeasp.asp endpoint...
EUVD-2025-209337
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /thdgroup.asp endpoint...
CVE-2025-50673
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the httplanport parameter in the /webgl.asp endpoint...
CVE-2025-50672
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /yyxzdlink.asp endpoint...
CVE-2025-50660
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /urlmember.asp endpoint...