Lucene search
K

203 matches found

Snyk
Snyk
added 2025/10/14 8:32 p.m.7 views

HTTP Request Smuggling

Overview Microsoft.AspNetCore.App.Runtime.osx-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of chunke...

9.9CVSS9.2AI score0.65838EPSS
Exploits5References2
Snyk
Snyk
added 2025/10/14 8:32 p.m.5 views

HTTP Request Smuggling

Overview Microsoft.AspNetCore.App.Runtime.win-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to HTTP Request Smuggling via the interpretation of chunke...

9.9CVSS9.2AI score0.65838EPSS
Exploits5References2
OSV
OSV
added 2025/10/14 8:32 p.m.8 views

GHSA-5RRX-JJJQ-Q2R5 Microsoft Security Advisory CVE-2025-55315: .NET Security Feature Bypass Vulnerability

Microsoft Security Advisory CVE-2025-55315: .NET Security Feature Bypass Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core 10.0 , ASP.NET Core 9.0 , ASP.NET Core 8.0, and ASP.NET Core 2.3. This advisory also...

9.9CVSS9.2AI score0.65838EPSS
Exploits5References5
AlpineLinux
AlpineLinux
added 2025/10/14 5:0 p.m.2 views

CVE-2025-55315

Inconsistent interpretation of http requests 'http request/response smuggling' in ASP.NET Core allows an authorized attacker to bypass a security feature over a network...

9.9CVSS9.2AI score0.65838EPSS
Exploits5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-55129

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.00434EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/08 2:41 p.m.4 views

Buffer Over-read

Overview Affected versions of this package are vulnerable to Buffer Over-read via the DiaSymReader.dll process. An attacker can execute arbitrary code by exploiting a buffer over-read condition when the application processes specially crafted input. This issue affects EOL ASP.NET 6.0.0 = 6.0.36 a...

8.8CVSS8.9AI score0.02262EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/08 2:41 p.m.3 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper handling of integer values in the msdia140.dll process. An attacker can execute arbitrary code by supplying specially crafted input that triggers an integer overflow and subsequent heap-bas...

7.5CVSS8.7AI score0.01764EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/08 2:41 p.m.4 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper handling of integer values in the msdia140.dll process. An attacker can execute arbitrary code by supplying specially crafted input that triggers an integer overflow and subsequent heap-bas...

7.5CVSS8.7AI score0.01764EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/08 2:41 p.m.3 views

Use After Free

Overview Microsoft.AspNetCore.App.Runtime.linux-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Use After Free that could allow remote code execution...

9.2CVSS8.1AI score0.02078EPSS
Exploits0References3
Snyk
Snyk
added 2025/09/08 2:41 p.m.4 views

Use After Free

Overview Microsoft.AspNetCore.App.Runtime.win-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Use After Free that could allow remote code execution...

9.2CVSS8.1AI score0.02078EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/14 11:26 p.m.5 views

Malicious code in aspnet-asset-management (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 068ec09bafae1223e1ebcc83c97b674b7188dd9ca13b5b73d241bccad793bf88 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/04/28 4:15 p.m.9 views

CVE-2023-35814

DevExpress before 23.1.3 does not properly protect XtraReport serialized data in ASP.NET web forms...

9.8CVSS5.8AI score0.00403EPSS
Exploits0References5
Snyk
Snyk
added 2025/04/08 4:0 p.m.6 views

Allocation of Resources Without Limits or Throttling

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or...

8.7CVSS6.9AI score0.0154EPSS
Exploits0References2
Snyk
Snyk
added 2025/04/08 4:0 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview Microsoft.AspNetCore.App.Runtime.linux-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling...

8.7CVSS6.9AI score0.0154EPSS
Exploits0References2
Snyk
Snyk
added 2025/04/08 4:0 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview Microsoft.AspNetCore.App.Runtime.win-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling wh...

8.7CVSS7.9AI score0.0154EPSS
Exploits0References2
Snyk
Snyk
added 2025/04/08 4:0 p.m.7 views

Allocation of Resources Without Limits or Throttling

Overview Microsoft.AspNetCore.App.Runtime.win-x86 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling wh...

8.7CVSS6.9AI score0.0154EPSS
Exploits0References2
Snyk
Snyk
added 2025/04/08 4:0 p.m.7 views

Allocation of Resources Without Limits or Throttling

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or...

8.7CVSS6.9AI score0.0154EPSS
Exploits0References2
OSV
OSV
added 2025/04/08 12:0 a.m.1 views

UBUNTU-CVE-2025-26682

Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network...

7.5CVSS5.8AI score0.0154EPSS
Exploits0References4
Amazon
Amazon
added 2025/04/01 12:0 a.m.5 views

Important: dotnet8.0

Issue Overview: Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network. CVE-2025-24070 Affected Packages: dotnet8.0 Issue Correction: Run dnf update dotnet8.0 --releasever 2023.7.20250331 or dnf update --advisory ALAS2023-2025-912...

7CVSS7AI score0.00911EPSS
Exploits1
Snyk
Snyk
added 2025/03/11 7:24 p.m.6 views

Improper Authentication

Overview Microsoft.AspNetCore.App.Runtime.win-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Improper Authentication in the RefreshSignInAsync...

8.3CVSS7.1AI score0.00911EPSS
Exploits1References2
Rows per page
Query Builder