RHEL 8 : .NET 8.0 (RHSA-2024:3345)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3345 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

Important: .NET 7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.119 and .NET Runtime 7.0.19...

ALSA-2024:3340 Important: .NET 7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.119 and .NET Runtime 7.0.19...

The vulnerability of the QTS and QuTS operating systems, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the QTS and QuTS operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the QTS and QuTS operating systems, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the QTS and QuTS operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Adobe Animate software for creating multimedia and computer animations lies in the possibility of an operation going beyond the buffer in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the Adobe Animate software for creating multimedia and computer animations is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVE-2023-52845

In the Linux kernel, the following vulnerability has been resolved: tipc: Change nlapolicy for bearer-related names to NLANULSTRING syzbot reported the following uninit-value access issue 1: ===================================================== BUG: KMSAN: uninit-value in strlen lib/string.c:418...

CVE-2023-52845

In the Linux kernel, the following vulnerability has been resolved: tipc: Change nlapolicy for bearer-related names to NLANULSTRING syzbot reported the following uninit-value access issue 1: ===================================================== BUG: KMSAN: uninit-value in strlen lib/string.c:418...

CVE-2023-52845 tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING

In the Linux kernel, the following vulnerability has been resolved: tipc: Change nlapolicy for bearer-related names to NLANULSTRING syzbot reported the following uninit-value access issue 1: ===================================================== BUG: KMSAN: uninit-value in strlen lib/string.c:418...

CVE-2023-52845 tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING

In the Linux kernel, the following vulnerability has been resolved: tipc: Change nlapolicy for bearer-related names to NLANULSTRING syzbot reported the following uninit-value access issue 1: ===================================================== BUG: KMSAN: uninit-value in strlen lib/string.c:418...

The vulnerability of the lighttpd web server arises from the execution of operations beyond the buffer in memory, allowing an attacker to bypass the ASLR protection mechanism and gain unauthorized access to protected information.

The vulnerability of the lighttpd web server arises from the issue of operations going beyond the buffer in memory when comparing values of the If-Modified-Since header fields. Exploiting this vulnerability allows a remote attacker to bypass the ASLR protection mechanism and gain unauthorized...

The vulnerability of the Windows Common Log File System Driver in the Windows operating system allows a hacker to gain increased privileges.

The vulnerability of the Windows Common Log File System Driver in the operating system is related to operations that go beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the Mozilla Firefox browser, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the Mozilla Firefox browser is related to the execution of operations beyond the buffer boundaries in memory when processing HTML content. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Win32k.sys component in Windows operating systems, which allows an attacker to increase their privileges and gain access to confidential data

The vulnerability of the Win32k.sys component in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges and gain access to confidential data...

Remote Code Execution (RCE)

microsoft.netcore.app.runtime is vulnerable to Remote Code Execution. The vulnerability is due to a stack buffer overrun in the .NET Double Parse routine. This allows attackers to execute arbitrary code on the affected system by providing malformed input data that is improperly handled by the...

dotnet: stack buffer overrun in Double Parse

A remote code execution vulnerability exists in .NET 7.0 and .NET 8.0. A stack buffer overrun occurs in the .NET Double Parse routine...

Important: Red Hat Security Advisory: .NET 7.0 security update

An update for .NET 7.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

ALSA-2024:2843 Important: .NET 7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.119 and .NET Runtime 7.0.19...

Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability

Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET. This advisory also provides guidance on what developers can do to update their applications t...

GHSA-7FCR-8QW6-92FR Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability

Microsoft Security Advisory CVE-2024-30045 | .NET Remote code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET. This advisory also provides guidance on what developers can do to update their applications t...