Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via improper link resolution before file access. An attacker can modify local files by exploiting symbolic links to redirect file operations to unintended locations. Remediation Upgrade...

Microsoft .NET 授权问题漏洞

Microsoft .NET is a software framework developed by Microsoft Corporation in the United States. It focuses on agile software development, rapid application development, platform independence, and transparency in networking. There are vulnerabilities related to licensing in Microsoft .NET. Attacke...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read when decoding malformed Base64Url input. An attacker can cause a disruption of service. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-x64 to version 9.0.14, 10.0.4 or higher. References - GitHub Commit -...

Security Update for Microsoft .NET Core (February 2026)

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the vendor advisory. - .NET Spoofing Vulnerability CVE-2026-21218 Note that Nessus has not tested for this issue but has instead relied only on the...

Inadequate Encryption Strength

Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength via the SMTP process. An attacker can intercept sensitive information by performing a man-in-the-middle attack that prevents the use of TLS, causing data to be sent over an unencrypted connection...

Use After Free

Overview Microsoft.AspNetCore.App.Runtime.linux-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Use After Free that could allow remote code executi...

The vulnerability of the Microsoft .NET software platform and the Microsoft Visual Studio development tools allows a perpetrator to execute arbitrary code.

The vulnerability of the Microsoft .NET software platform and the Microsoft Visual Studio development environment is related to the use of an insecure search path. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...

Untrusted Search Path

Overview Affected versions of this package are vulnerable to Untrusted Search Path. An attacker can achieve remote code execution by planting malicious files on the victim's system, with knowledge of where they should be placed, then tricking a user to run these files. Remediation Upgrade...

Cleartext Transmission of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Transmission of Sensitive Information via the TlsStream process. An attacker can gain access to sensitive information by intercepting unencrypted data. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-arm64 to version 8.0...

The vulnerability of the Microsoft.NET Framework and.NET operating systems for Windows lies in the improper handling of symbolic links before accessing files. This allows attackers to exploit their privileges.

The vulnerability of the Microsoft.NET Framework and.NET operating systems for Windows is related to the incorrect handling of symbolic links before accessing files. Exploiting this vulnerability can allow an attacker to increase their privileges...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to the handling of specially crafted requests that may cause a resource leak. An attacker can cause a denial of service by sending these requests. Details Denial of Service DoS describes a family of attacks, al...

PT-2024-1914 · Microsoft +8 · .Net Framework +8

Name of the Vulnerable Software and Affected Versions: .NET versions affected versions not specified Description: The issue is related to pointer dereference errors in the Microsoft .NET platform. Exploitation of this issue can allow a remote attacker to cause a denial of service. Recommendations...

The vulnerability of the Microsoft .NET Framework software platform, related to improper cleaning or release of resources, allows a perpetrator to cause a service failure.

The vulnerability of the Microsoft .NET Framework software platform is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures...

SUSE CVE-2010-3332

Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services IIS, provides detailed error codes during decryption attempts, which allows remote attackers to decrypt and modify encrypted View State aka VIEWSTATE for...

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution in the way it reads debugging symbols, where reading a malicious symbols file may result in the exploitation of this vulnerability. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x64 to version 6.0.13,...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS by sending an invalid request to an exposed endpoint. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users. Unlike other...

Microsoft .NET 安全漏洞

Microsoft .NET is a software framework from Microsoft Corporation USA dedicated to agile software development, rapid application development, platform-agnosticism, and web transparency. A security vulnerability exists in Microsoft . An attacker has exploited the vulnerability to cause a denial of...

PT-2023-9612 · Microsoft +7 · .Net Framework +7

Name of the Vulnerable Software and Affected Versions: Microsoft .NET affected versions not specified Description: The issue is related to flaws in the deserialization mechanism of the Microsoft .NET platform. It allows a remote attacker to cause a denial of service. Recommendations: At the momen...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when creating HTTPS web requests while building X509 certificate chains. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS when creating HTTPS web requests while building X509 certificate chains. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users...