MiracleLinux 8 : dotnet7.0-7.0.100-0.4.rc2.el8.ML.1 (AXSA:2023-4584:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4584:01 advisory. dotnet: Nuget cache poisoning on Linux via world-writable cache directory CVE-2022-41032 Tenable has extracted the preceding description block directly from...

MiracleLinux 8 : dotnet7.0-7.0.117-1.el8_9.ML.1 (AXSA:2024-7613:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7613:06 advisory. dotnet: DoS in .NET Core / YARP HTTP / 2 WebSocket support CVE-2024-21392 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 8 : dotnet7.0-7.0.114-1.el8.ML.1 (AXSA:2024-7360:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7360:01 advisory. dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand CVE-2023-36049 dotnet: ASP.NET Security Feature Bypass Vulnerability in...

MiracleLinux 9 : dotnet7.0-7.0.117-1.el9_3.ML.1 (AXSA:2024-7616:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7616:07 advisory. dotnet: DoS in .NET Core / YARP HTTP / 2 WebSocket support CVE-2024-21392 Tenable has extracted the preceding description block directly from the MiracleLinu...

MiracleLinux 8 : dotnet7.0-7.0.109-1.el8.ML.1 (AXSA:2023-6236:23)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6236:23 advisory. dotnet: race condition in Core SignInManager PasswordSignInAsync method CVE-2023-33170 Tenable has extracted the preceding description block directly from th...

MiracleLinux 8 : dotnet7.0-7.0.111-1.el8.ML.1 (AXSA:2023-6419:26)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6419:26 advisory. dotnet: Denial of Service with Client Certificates using .NET Kestrel CVE-2023-36799 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : dotnet7.0-7.0.112-1.el8.ML.1 (AXSA:2023-6521:29)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6521:29 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...

CVE-2025-55248

Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network...

dotnet: stack buffer overrun in Double Parse

A remote code execution vulnerability exists in .NET 7.0 and .NET 8.0. A stack buffer overrun occurs in the .NET Double Parse routine...

dotnet: stack buffer overrun in Double Parse

A remote code execution vulnerability exists in .NET 7.0 and .NET 8.0. A stack buffer overrun occurs in the .NET Double Parse routine...

.NET and Visual Studio 安全漏洞

Microsoft .NET Core and Microsoft Visual Studio are both products of Microsoft Corporation USA. NET Core is a free and open source development platform. The platform features multi-language support and cross-platform.Microsoft Visual Studio is a family of development tool suites and a fundamental...

USN-6693-1 dotnet7, dotnet8 vulnerability

It was discovered that .NET did not properly handle certain specially crafted requests. An attacker could potentially use this issue to cause a resource leak, leading to a denial of service...

Microsoft ASP.NET Core Security Vulnerability

Microsoft ASP.NET Core is a framework of cross-platform open source framework from Microsoft. The framework is used to build cloud-based applications such as Web applications, Internet of Things applications, and mobile backends. A security vulnerability exists in Microsoft ASP.NET Core. An...

USN-6427-1 dotnet6, dotnet7 vulnerability

It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly use this issue to cause a denial of service...

USN-6362-1 dotnet6, dotnet7 vulnerability

Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to cause a denial of service...

Microsoft .NET Core and Microsoft Visual Studio Security Vulnerabilities

Microsoft .NET Core and Microsoft Visual Studio are both products of Microsoft Corporation USA. NET Core is a free and open source development platform. NET Core is a free, open source development platform that features multi-language support and cross-platform capabilities.Microsoft Visual Studi...

USN-6278-2 dotnet6, dotnet7 vulnerabilities

USN-6278-1 fixed several vulnerabilities in .NET. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: It was discovered that .NET did properly handle the execution of certain commands. An attacker could possibly use this issue to achieve remote code...

Denial of Service (DoS)

Overview Microsoft.AspNetCore.App.Runtime.win-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Denial of Service DoS in .NET Kestrel where a malicious...

Denial of Service (DoS)

Overview Microsoft.AspNetCore.App.Runtime.win-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Denial of Service DoS in .NET Kestrel where a malicio...

Microsoft Visual Studio和Microsoft .NET 安全漏洞

Microsoft Visual Studio is a family of development tool suites and a fundamentally complete development toolset that includes most of the tools needed throughout the software lifecycle. Microsoft .NET is a software framework dedicated to agile software development, rapid application development,...