21 matches found
TencentOS Server 3: .NET 7.0 (TSSA-2023:0178)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0178 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
SUSE CVE-2023-32032
unknown...
RLSA-2023:3593 Important: .NET 7.0 security, bug fix, and enhancement update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.7. The...
.NET 7.0 security, bug fix, and enhancement update
An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...
Amazon Linux 2023 : aspnetcore-runtime-6.0, aspnetcore-targeting-pack-6.0, dotnet (ALAS2023-2023-242)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-242 advisory. .NET Denial of Service Vulnerability. CVE-2023-21538 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability CVE-2023-24895 .NET, .NET Framework, and Visual Studio Elevation...
Ubuntu: Security Advisory (USN-6161-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 9 : .NET / 7.0 (ELSA-2023-3592)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-3592 advisory. 7.0.107-1.0.1 - Set TargetRid based on os release major version, add OL arm64 RuntimeIdentifier Orabug: 34671152 7.0.107-1 - Update to .NET SDK 7.0.107...
Important: Red Hat Security Advisory: .NET 7.0 security, bug fix, and enhancement update
An update for .NET 7.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
CVE-2023-32032
.NET and Visual Studio Elevation of Privilege Vulnerability...
Privilege Escalation
Overview Affected versions of this package are vulnerable to Privilege Escalation. A vulnerability exists in .NET using extracting the contents of a Tar file which may result in elevation of privileges. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-arm to version 6.0.18, 7.0.7 or higher...
Ubuntu: Security Advisory (USN-6161-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ALSA-2023:3593 Important: .NET 7.0 security, bug fix, and enhancement update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.7. The...
ALSA-2023:3592 Important: .NET 7.0 security, bug fix, and enhancement update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.7. The...
Ubuntu 22.04 LTS / 23.04 : .NET vulnerabilities (USN-6161-1)
The remote Ubuntu 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6161-1 advisory. It was discovered that .NET did not properly enforce certain restrictions when deserializing a DataSet or DataTable from XML. An attacker could...
RHEL 9 : .NET 7.0 (RHSA-2023:3592)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3592 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...
Important: .NET 7.0 security, bug fix, and enhancement update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.107 and .NET Runtime 7.0.7. The...
CVE-2023-32032
CVE-2023-32032 is a .NET and Visual Studio elevation-of-privilege vulnerability. The root cause is an improper handling in TarFile.ExtractToDirectory where the extraction directory argument is ignored, enabling an attacker with limited privileges to bypass intended file placement. The vulnerabili...
CVE-2023-32032 .NET and Visual Studio Elevation of Privilege Vulnerability
...
CVE-2023-32032 .NET and Visual Studio Elevation of Privilege Vulnerability
...
CVE-2023-32032
.NET and Visual Studio Elevation of Privilege Vulnerability...