Security Update for Microsoft .NET Core (May 2025)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the vendor advisory. - External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacke...

Security Update for Microsoft .NET 9 Core (January 2025)

The version of Microsoft .NET 9 Core installed on the remote host is prior to 9.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the vendor advisory. - .NET Remote Code Execution Vulnerability CVE-2025-21171 - .NET and Visual Studio Remote Code Execution Vulnerability...

Security Bulletin: A vulnerability in Microsoft .NET Core may affect IBM Robotic Process Automation and result in a remote attacker obtaining sensitive information (CVE-2018-8292).

Summary Microsoft .NET Core is used by IBM Robotic Process Automation as part of the development platform CVE-2018-8292. Vulnerability Details CVEID:CVE-2018-8292 DESCRIPTION: Microsoft .NET Core could allow a remote attacker to obtain sensitive information, caused by an open redirect...

Security Update for Microsoft .NET Core SDK (November 2024)

The version of .NET Core SDK installed on the remote host is 9.x prior to 9.0.0. It is, therefore, affected by denial of service vulnerability as referenced in the October 2024 advisory: - .NET Remote Code Execution CVE-2024-43498 - .NET Denial of Service Vulnerability CVE-2024-43499 Note that...

Security Update for Microsoft .NET Core SDK (July 2024)

The version of .NET Core SDK installed on the remote host is 6.x prior to 6.0.32. It is, therefore, affected by remote code execution vulnerability as referenced in the July 2024 advisory: - .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability CVE-2024-38081 Note that Ness...

Security Bulletin: Multiple vulnerabilities in microsoft.netcore.app affect IBM Robotic Process Automation.

Summary Multiple vulnerabilities in IBM microsoft.netcore.app affect IBM Robotic Process Automation. The vulnerabilities exist in BrotliSharpLib which was determined to not be required by IBM Robotic Process Automation. The offending module was removed from the product. Vulnerability Details...

Cleartext Transmission of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Transmission of Sensitive Information via the TlsStream process. An attacker can gain access to sensitive information by intercepting unencrypted data. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-x64 to version 8.0...

Security Update for Microsoft .NET Core (August 2024)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the vendor advisory. - .NET and Visual Studio Information Disclosure Vulnerability CVE-2024-38167 - .NET and Visual Studio Denial of Servi...

Microsoft .NET Core and Visual Studio Denial of Service Vulnerability

Microsoft .NET Core and Microsoft Visual Studio are both products of Microsoft Corporation USA. NET Core is a free and open source development platform. NET Core is a free, open source development platform that features multi-language support and cross-platform capabilities.Microsoft Visual Studi...

Security Update for Microsoft .NET Core (July 2024)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the vendor advisory. - .NET Core and Visual Studio Denial of Service Vulnerability CVE-2024-30105 - .NET and Visual Studio Remote Code...

Security Bulletin: A vulnerability in Microsoft .NET Core affects IBM Robotic Process Automation and may result in a bypass of security restrictions (CVE-2024-0056)

Summary A vulnerability in Microsoft .NET Core affects IBM Robotic Process Automation resulting in a bypass of security restrictions. Microsoft .NET Core is used by IBM Robotic Process Automation as part of it's development platform. This bulletin identifies the security fixes to apply to address...

Security Update for Microsoft .NET Core (May 2024)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the vendor advisory. - .NET and Visual Studio Remote Code Execution Vulnerability CVE-2024-30045 Note that Nessus has not tested for this issue but...

Security Update for Microsoft .NET Core (April 2024)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2024Apr09 advisory. - .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability CVE-2024-21409 Note that Nessus has not teste...

Security Update for Microsoft .NET Core SDK (March 2024)

The version of .NET Core SDK installed on the remote host is 6.x prior to 6.0.27, 7.x prior to 7.0.16 or 8.x prior to 8.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the February 2024 advisory: - A vulnerability exists in .NET where specially crafted requests may...

Security Update for Microsoft .NET Core (February 2024)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2024Feb13 advisory. - .NET Denial of Service Vulnerability CVE-2024-21404 Note that Nessus has not tested for this issue but has instead relied...

Security Update for Microsoft .NET Core SDK (February 2024)

The version of .NET Core SDK installed on the remote host is 6.x prior to 6.0.27, 7.x prior to 7.0.16 or 8.x prior to 8.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the February 2024 advisory: - A vulnerability exists in ASP.NET applications using SignalR where a...

Security Update for Microsoft .NET Core SDK (CVE-2024-0057)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the January 2024 advisory. - .Net Core Security Feature Bypass Vulnerability CVE-2024-0057 Note that Nessus has not tested for these issues but has...

Security Update for Microsoft .NET Core SDK (January 2024)

The version of .NET Core SDK installed on the remote host is 6.x prior to 6.0.26 or 7.x prior to 7.0.15. It is, therefore, affected by multiple vulnerabilities as referenced in the January 2024 advisory: - .NET Core Denial of Service Vulnerability CVE-2024-20672 - .Net Core Security Feature Bypas...

Security Update for .NET Core SDK (November 2023)

The version of Microsoft .NET Core SDK installed on the remote host is 6.0.x prior to 6.0.125, 6.0.x prior to 6.0.320, 6.0.x prior to 6.0.417, 7.0.x prior to 7.0.114, 7.0.x prior to 7.0.311, 7.0.x prior to 7.0.404, or 8.0.x to 8.0.100. It is, therefore, affected by multiple vulnerabilities, as...

Security Bulletin: Vulnerabilities in Microsoft .NET Core and Microsoft ASP.NET may affect IBM Robotic Process Automation for Cloud Pak

Summary Microsoft .NET Core is used by IBM Robotic Process Automation for Cloud Pak as part its runtime CVE-2023-35390. Microsoft ASP.NET is used by IBM Robotic Process Automation for Cloud Pak as part of its runtime CVE-2023-38180. Vulnerability Details CVEID:CVE-2023-35390 DESCRIPTION: Microsof...