3481 matches found
CVE-2026-58127
PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET...
CVE-2026-58127 PACSgear MediaWriter 5.2.1 Unauthenticated RCE via .NET Remoting TCP Service
PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET...
CVE-2026-58126
PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read and write arbitrary files by exploiting an exposed .NET Remoting TCP service on port 22222 via PGImageExchQueue.exe without any authentication requirement. Attackers can...
CVE-2026-58126 PACSgear PACS Scan 5.2.1 Unauthenticated RCE via .NET Remoting TCP Service
PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read and write arbitrary files by exploiting an exposed .NET Remoting TCP service on port 22222 via PGImageExchQueue.exe without any authentication requirement. Attackers can...
RHSA-2026:28051 Red Hat Security Advisory: .NET 9.0 security update
Bulletin has no description...
dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption
A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...
Important: Red Hat Security Advisory: .NET 9.0 security update
An update for .NET 9.0 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
dotnet: .NET: Local file tampering via link following vulnerability
A flaw was found in .NET's System.Formats.Tar library. When extracting a specially crafted TAR archive containing symbolic links, the TarFile.ExtractToDirectory method may incorrectly follow those links and write files outside the intended extraction directory. An attacker could exploit this issu...
PYSEC-2026-531 Semantic Kernel has Arbitrary File Write via AI Agent Function Calling in .NET SDK
Impact What kind of vulnerability is it? Who is impacted? An Arbitrary File Write vulnerability has been identified in Microsoft's Semantic Kernel .NET SDK, specifically within the SessionsPythonPlugin. Developers who have built applications which include Microsoft's Semantic Kernel .NET SDK and...
Fedora 43 : dotnet8.0 (2026-2f80369c73)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2f80369c73 advisory. Update to .NET SDK 8.0.128 and Runtime 8.0.28 Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591 Release Notes: - SDK:...
Fedora 44 : dotnet10.0 (2026-dec081126f)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-dec081126f advisory. Update to .NET SDK 10.0.109 and Runtime 10.0.9 Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591 Release Notes: - SDK:...
Fedora 43 : dotnet10.0 (2026-a424c1061e)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a424c1061e advisory. Update to .NET SDK 10.0.109 and Runtime 10.0.9 Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591 Release Notes: - SDK:...
Fedora 43 : dotnet9.0 (2026-2954cd11bd)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2954cd11bd advisory. Update to .NET SDK 9.0.118 and Runtime 9.0.17 Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591 Release Notes: - SDK:...
Fedora 44 : dotnet8.0 (2026-041785a779)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-041785a779 advisory. Update to .NET SDK 8.0.128 and Runtime 8.0.28 Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591 Release Notes: - SDK:...
Fedora 44 : dotnet9.0 (2026-0dce096c13)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0dce096c13 advisory. Update to .NET SDK 9.0.118 and Runtime 9.0.17 Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591 Release Notes: - SDK:...
CVE-2023-37524
HCL Traveler for Microsoft Outlook HTMO is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service. Since .NET Framework 4.5 has reached end-of-life and no longer receives security updates, it may expose the application to publicly known security weaknesses through vulnerabl...
PT-2026-53036
Name of the Vulnerable Software and Affected Versions HCL Traveler for Microsoft Outlook HTMO affected versions not specified Description The application is susceptible to security weaknesses because it relies on .NET Framework 4.5, which has reached end-of-life. As this framework no longer...
GHSA-RM3J-F69W-WQMQ vulnerabilities
Vulnerabilities for packages: terraform-provider-azapi-fips, src, external-dns, step-issuer, crossplane-provider-aws-kinesis-fips, kots, grype-db, crossplane-provider-aws-guardduty, atlantis, docker-machine-driver-linode, chainloop-control-plane, seaweedfs-rocksdb-fips, step-ca-fips, helm, sops,...
GHSA-Q4H4-GMJ2-QVW2 vulnerabilities
Vulnerabilities for packages: terraform-provider-azapi-fips, src, external-dns, step-issuer, crossplane-provider-aws-kinesis-fips, kots, grype-db, crossplane-provider-aws-guardduty, atlantis, docker-machine-driver-linode, chainloop-control-plane, seaweedfs-rocksdb-fips, step-ca-fips, helm, sops,...
Oracle Linux 9 : .NET / 9.0 (ELSA-2026-21296)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-21296 advisory. 9.0.118-1.0.1 - Add support for Oracle Linux 9.0.118-1 - Update to .NET SDK 9.0.118 and Runtime 9.0.17 - Resolves: RHEL-181553 9.0.117-1 - Update to .NET SDK...