40 matches found
dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption
A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...
dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption
A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...
dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption
A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...
dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption
A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...
dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption
A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...
Microsoft Security Advisory CVE-2026-45591 – ASP.NET Core Denial of Service Vulnerability
Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core SignalR and Blazor Server. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A denial of service...
GHSA-F8H2-VMM9-QHJ6 Microsoft Security Advisory CVE-2026-45591 – ASP.NET Core Denial of Service Vulnerability
Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core SignalR and Blazor Server. This advisory also provides guidance on what developers can do to update their applications to remove this vulnerability. A denial of service...
MiracleLinux 9 : dotnet8.0-8.0.100-2.el9_3.ML.1 (AXSA:2024-7409:03)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7409:03 advisory. dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass Vulnerability in...
MiracleLinux 9 : dotnet6.0-6.0.125-1.el9_3.ML.1 (AXSA:2023-7090:29)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7090:29 advisory. dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass Vulnerability in...
MiracleLinux 8 : dotnet6.0-6.0.125-1.el8.ML.1 (AXSA:2024-7361:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7361:01 advisory. dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass Vulnerability in...
MiracleLinux 8 : dotnet7.0-7.0.114-1.el8.ML.1 (AXSA:2024-7360:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7360:01 advisory. dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass Vulnerability in...
.NET Bounty Program now offers up to $40,000 in awards
We’re excited to announce significant updates to the Microsoft .NET Bounty Program. These changes expand the program’s scope, simplify the award structure, and offer great incentives for security researchers. The .NET Bounty Program now offers awards up to $40,000 USD for vulnerabilities impactin...
Progress多款产品 跨站脚本漏洞
Progress Telerik UI for ASP.NET Core and others are products of Progress, Inc.Progress Telerik UI for ASP.NET Core is a set of UI component libraries for building cross-platform responsive web applications.Progress Telerik UI for Progress Telerik UI for ASP.NET MVC is a library of UI components f...
Malicious code in MetаMаsk.Blazor (NuGet)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-4544 Malicious code in MetаMаsk.Blazor (NuGet)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in Blazor.Captcha (NuGet)
--- -= Per source details. Do not edit below this line.=-...
dotnet7.0 security update
An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...
Ubuntu: Security Advisory (USN-6480-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
dotnet: ASP.NET Security Feature Bypass Vulnerability in Blazor forms
A security feature bypass vulnerability was found in Blazor forms in ASP.NET in the .NET package...
dotnet: ASP.NET Security Feature Bypass Vulnerability in Blazor forms
A security feature bypass vulnerability was found in Blazor forms in ASP.NET in the .NET package...