Lucene search
+L

209 matches found

Snyk
Snyk
added 2025/04/08 4:0 p.m.7 views

Allocation of Resources Without Limits or Throttling

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or...

8.7CVSS6.9AI score0.0154EPSS
Exploits0References2
Snyk
Snyk
added 2025/04/08 4:0 p.m.6 views

Allocation of Resources Without Limits or Throttling

Overview Microsoft.AspNetCore.App.Runtime.linux-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling...

8.7CVSS6.9AI score0.0154EPSS
Exploits0References2
Snyk
Snyk
added 2025/04/08 4:0 p.m.8 views

Allocation of Resources Without Limits or Throttling

Overview Microsoft.AspNetCore.App.Runtime.win-x86 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling wh...

8.7CVSS6.9AI score0.0154EPSS
Exploits0References2
OSV
OSV
added 2025/04/08 12:0 a.m.2 views

UBUNTU-CVE-2025-26682

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS5.8AI score0.0154EPSS
Exploits0References4
Amazon
Amazon
added 2025/04/01 12:0 a.m.6 views

Important: dotnet8.0

Issue Overview: Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network. CVE-2025-24070 Affected Packages: dotnet8.0 Issue Correction: Run dnf update dotnet8.0 --releasever 2023.7.20250331 or dnf update --advisory ALAS2023-2025-912...

7CVSS7AI score0.00911EPSS
Exploits1
Snyk
Snyk
added 2025/03/11 7:24 p.m.6 views

Improper Authentication

Overview Microsoft.AspNetCore.App.Runtime.win-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Improper Authentication in the RefreshSignInAsync...

8.3CVSS7.1AI score0.00911EPSS
Exploits1References2
Snyk
Snyk
added 2025/03/11 7:24 p.m.3 views

Improper Authentication

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Improper Authentication in the RefreshSignInAsyn...

8.3CVSS7.1AI score0.00911EPSS
Exploits1References2
Snyk
Snyk
added 2025/03/11 7:24 p.m.4 views

Improper Authentication

Overview Microsoft.AspNetCore.App.Runtime.linux-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Improper Authentication in the RefreshSignInAsync...

8.3CVSS7.1AI score0.00911EPSS
Exploits1References2
Snyk
Snyk
added 2025/03/11 7:24 p.m.6 views

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication in the RefreshSignInAsync function method, which does not verify the identity of the calling TUser, allowing an attacker to escalate privileges to that of another user. Remediation Upgrade...

8.3CVSS7.2AI score0.00911EPSS
Exploits1References2
Snyk
Snyk
added 2025/03/11 7:24 p.m.4 views

Improper Authentication

Overview Microsoft.AspNetCore.App.Runtime.win-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Improper Authentication in the RefreshSignInAsync...

8.3CVSS7.1AI score0.00911EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2025/02/24 12:0 a.m.8 views

The vulnerability of the CIE.AspNetCore.Authentication library in the ASP.NET Core software platform arises from authentication procedures that have flaws. This allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

The vulnerability of the CIE.AspNetCore.Authentication library in the ASP.NET Core software platform is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to bypass security restrictions and gain unauthorized access to protected informatio...

9.4CVSS7.7AI score0.00585EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/02/18 6:39 p.m.8 views

CVE-2025-24895 SAML Response Signature Verification Bypass in CIE.AspNetCore.Authentication

CIE.AspNetCore.Authentication is an AspNetCore Remote Authenticator for CIE 3.0. Authentication using Spid and CIE is based on the SAML2 standard which provides two entities: 1. Identity Provider IDP: the system that authenticates users and provides identity information SAML affirmation to the...

9.1CVSS6.7AI score0.00585EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/02/18 12:0 a.m.6 views

AspNetCore Remote Authenticator for CIE3.0 授权问题漏洞

AspNetCore Remote Authenticator for CIE3.0 is an open source AspNetCore Remote Authenticator for CIE 3.0 by Developers Italia. An authorization issue vulnerability exists in AspNetCore Remote Authenticator for CIE3.0 that stems from not properly verifying the signature of a SAML response. An...

9.1CVSS8.7AI score0.00585EPSS
Exploits0References2
Snyk
Snyk
added 2024/12/20 9:30 p.m.2 views

Cross-site Scripting (XSS)

Overview Piranha.Manager is a manager panel for Piranha CMS for AspNetCore. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the /manager/pages endpoint, as a markdown content. PoC 1 Login via the manager endpoint :: /manager/login 2 Navigate to the "Pages" Content...

4.8CVSS5.2AI score0.00443EPSS
Exploits1References2
Snyk
Snyk
added 2024/10/08 5:43 p.m.4 views

Use After Free

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Use After Free that could allow remote code...

9.2CVSS8.3AI score0.02078EPSS
Exploits0References3
Snyk
Snyk
added 2024/10/08 5:43 p.m.4 views

Use After Free

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Use After Free that could allow remote code...

9.2CVSS8AI score0.02078EPSS
Exploits0References3
Snyk
Snyk
added 2024/10/08 5:43 p.m.3 views

Use After Free

Overview Microsoft.AspNetCore.App.Runtime.win-x86 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Use After Free that could allow remote code execution...

9.2CVSS8AI score0.02078EPSS
Exploits0References3
Snyk
Snyk
added 2024/10/08 5:43 p.m.4 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free that could allow remote code execution when closing an HTTP/3 stream. An attacker can exploit a race condition when the application code is writing to the response body. Note: HTTP/3 is not enabled by default. Remediation...

9.2CVSS8.3AI score0.02078EPSS
Exploits0References3
Snyk
Snyk
added 2024/10/08 5:43 p.m.2 views

Use After Free

Overview Microsoft.AspNetCore.App.Runtime.linux-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Use After Free that could allow remote code execution...

9.2CVSS8AI score0.02078EPSS
Exploits0References3
Snyk
Snyk
added 2024/10/08 5:43 p.m.5 views

Use After Free

Overview Microsoft.AspNetCore.App.Runtime.win-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Use After Free that could allow remote code execution...

9.2CVSS8AI score0.02078EPSS
Exploits0References3
Rows per page
Query Builder