October 14, 2025-Security Only Update for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 (KB5066749)

October 14, 2025-Security Only Update for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 KB5066749 Applies to:Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.6.2 Summary Note Starting in July 2020, there wi...

August 13, 2024-Security and Quality Rollup for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 (KB5042357)

August 13, 2024-Security and Quality Rollup for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 KB5042357 Applies to: Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.6.2 REMINDER Windows Server 2008 R2 SP1...

May 14, 2024-Security and Quality Rollup for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 (KB5038291)

May 14, 2024-Security and Quality Rollup for .NET Framework 2.0, 3.0, 3.5 SP1, 4.6.2 for Windows Server 2008 SP2 KB5038291 Applies to: Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.6.2 REMINDER Windows Server 2008 R2 SP1 have...

NIST Releases Cybersecurity Framework 2.0: Guide for All Organizations

By Deeba Ahmed The first Cybersecurity Framework CSF was released in 2014. This is a post from HackRead.com Read the original post: NIST Releases Cybersecurity Framework 2.0: Guide for All Organizations...

CVE-2023-50714 The Oauth2 PKCE implementation is vulnerable

yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth2 PKCE implementation is vulnerable in 2 ways. First, the authCodeVerifier should be removed after usage similar to authStat...

CVE-2023-50714 The Oauth2 PKCE implementation is vulnerable

yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth2 PKCE implementation is vulnerable in 2 ways. First, the authCodeVerifier should be removed after usage similar to authStat...

CVE-2023-50708 yii2-authclient vulnerable to possible timing attack on string comparison in OAuth1, OAuth2 and OpenID Connect implementation

yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth1/2 state and OpenID Connect nonce is vulnerable for a timing attack since it is compared via regular string comparison...

October 11, 2022-Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.6.2 for Windows Server 2008 SP2 (KB5018550)

October 11, 2022-Security and Quality Rollup for .NET Framework 2.0, 3.0, 4.6.2 for Windows Server 2008 SP2 KB5018550 Applies to: Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 4.6.2 IMPORTANT This update is included in the Security and Quality Rollup that's...

2020-05 Security Only Update for .NET Framework 2.0 for Windows Server 2008 SP2 for Itanium-based Systems (KB4556406)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

MS06-033: A vulnerability in ASP.NET could allow information disclosure

MS06-033: A vulnerability in ASP.NET could allow information disclosure Microsoft has released security bulletin MS06-033. The security bulletin contains all the relevant information about the security update. This includes file manifest information and deployment options. To view the complete...

CVE-2012-4451

Multiple cross-site scripting XSS vulnerabilities in Zend Framework 2.0.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified input to 1 Debug, 2 Feed\PubSubHubbub, 3 Log\Formatter\Xml, 4 Tag\Cloud\Decorator, 5 Uri, 6 View\Helper\HeadStyle, 7...

Preview of Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2 (KB4520409)

Preview of Quality Rollup for .NET Framework 2.0, 3.0, 4.5.2, 4.6 for Windows Server 2008 SP2 KB4520409 Applies to: Microsoft .NET Framework 2.0 Microsoft .NET Framework 3.0 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 This update is included in the Quality Rollup that's dated...

如何针对使用HTTP的.NET Remoting finding and using deserialization vulnerability-vulnerability warning-the black bar safety net

One, overview In the NCC Group and most recent safety assessment, 我发现了一个.NET v2. 0 app, 该应用程序使用.NET Remoting by HTTP to send the SOAP request to the other server to communicate. In the application of the anti-compiled, I realized that the server has TypeFilterLevel is set to Full, this is very...

January 2019 Preview of the Quality Rollups for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2 (KB 4481491)

January 2019 Preview of the Quality Rollups for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2 KB 4481491 Applies to: Microsoft .NET Framework 2.0 Service Pack 2, Microsoft .NET Framework 3.0 Service Pack 2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6...

October 2018 Preview of the Quality Rollups for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2 (KB 4462503)

October 2018 Preview of the Quality Rollups for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2 KB 4462503 Applies to: Microsoft .NET Framework 2.0 Service Pack 2, Microsoft .NET Framework 3.0 Service Pack 2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6...

November 2018 Security and Quality Rollups for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 (KB 4467243)

November 2018 Security and Quality Rollups for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 KB 4467243 Applies to: Microsoft .NET Framework 2.0 Service Pack 2, Microsoft .NET Framework 3.0 Service Pack 2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6 Noti...

August 2018 Preview of the Quality Rollups for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2 (KB 4346083)

August 2018 Preview of the Quality Rollups for .NET Framework 2.0 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2 KB 4346083 Summary This article lists the Quality Rollups for .NET Framework 2.0 Service Pack 2 SP2, 3.0 SP2, 4.5.2, and 4.6 for Windows Server 2008 SP2.Important All updates...

Denial of service vulnerability exists when .NET and .NET Core improperly process XML documents

A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents, aka ".NET and .NET Core Denial of Service Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.7.1, Microsoft .NET Framework...

List of changes and fixed issues in the .NET Framework 3.5 Service Pack 1

List of changes and fixed issues in the .NET Framework 3.5 Service Pack 1 Summary This article describes the following aspects of the Microsoft .NET Framework 3.5 Service Pack 1 SP1: Hotfixes that are included in this service pack New features and functionalities Note This update also includes...

MS13-052: Description of the security update for the .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: July 9, 2013

MS13-052: Description of the security update for the .NET Framework 2.0 Service Pack 2 on Windows Vista Service Pack 2 and Windows Server 2008 Service Pack 2: July 9, 2013 View products that this article applies to. August 13, 2013 This security update has been re-released and contains updated...