MiracleLinux 8 : dotnet8.0-8.0.114-1.el8_10.ML.1 (AXSA:2025-9765:07)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9765:07 advisory. dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method CVE-2025-24070 Tenable has extracted the preceding description blo...

TencentOS Server 3: .NET 8.0 (TSSA-2025:0306)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0306 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

AlmaLinux 8 : .NET 8.0 (ALSA-2025:2670)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:2670 advisory. dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method CVE-2025-24070 Bug Fixes and Enhancements: dotnet: Privilege Escalation...

AlmaLinux 9 : .NET 9.0 (ALSA-2025:2668)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:2668 advisory. dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method CVE-2025-24070 Bug Fixes and Enhancements: dotnet: Privilege Escalation...

AlmaLinux 9 : .NET 8.0 (ALSA-2025:2669)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:2669 advisory. dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method CVE-2025-24070 Bug Fixes and Enhancements: dotnet: Privilege Escalation...

RockyLinux 8 : .NET 8.0 (RLSA-2025:2670)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:2670 advisory. dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method CVE-2025-24070 Bug Fixes and Enhancements: dotnet: Privilege Escalation...

Important: dotnet8.0

Issue Overview: Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network. CVE-2025-24070 Affected Packages: dotnet8.0 Issue Correction: Run dnf update dotnet8.0 --releasever 2023.7.20250331 to update your system. New Packages: aarch6...

SUSE CVE-2025-24070

unknown...

RHEL 8 : .NET 8.0 (RHSA-2025:2670)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2670 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. N...

RHEL 8 : .NET 9.0 (RHSA-2025:2667)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2667 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. N...

RHEL 9 : .NET 8.0 (RHSA-2025:2669)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2669 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. N...

RHEL 9 : .NET 8.0 (RHSA-2025:2666)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2666 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. N...

Ubuntu: Security Advisory (USN-7345-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

BELL-CVE-2025-24070

Bulletin has no description...

Important: Red Hat Security Advisory: .NET 9.0 security, bug fix, and enhancement update

An update for .NET 9.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Important: Red Hat Security Advisory: .NET 8.0 security, bug fix, and enhancement update

An update for .NET 8.0 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

Improper Authentication

Overview Microsoft.AspNetCore.App.Runtime.linux-arm is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Improper Authentication in the RefreshSignInAsync...

CVE-2025-24070

Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network...

CVE-2025-24070

Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network...

CVE-2025-24070

The CVE describes a weak authentication issue in ASP.NET Core and Visual Studio that could allow elevation of privilege via calls to RefreshSignInAsync with an improperly authenticated user parameter. Affected software includes ASP.NET Core apps using Microsoft.AspNetCore.Identity (affected versi...