GHSA-987X-96FQ-9384 Duplicate Advisory: Microsoft Security Advisory CVE-2025-55248: .NET Information Disclosure Vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-gwq6-fmvp-qp68. This link is maintained to preserve external references. Original Description Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose...

EUVD-2025-0074

Malicious code in bioql PyPI...

EUVD-2024-2323

Malicious code in bioql PyPI...

EUVD-2023-25910

Malicious code in bioql PyPI...

EUVD-2025-0073

Malicious code in bioql PyPI...

GHSA-H4J7-5RXR-P4WC Microsoft.Build.Tasks.Core .NET Spoofing Vulnerability

Microsoft Security Advisory CVE-2025-26646: .NET Spoofing Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0.xxx and .NET 8.0.xxx SDK. This advisory also provides guidance on what developers can do to update their...

Microsoft.Build.Tasks.Core .NET Spoofing Vulnerability

Microsoft Security Advisory CVE-2025-26646: .NET Spoofing Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0.xxx and .NET 8.0.xxx SDK. This advisory also provides guidance on what developers can do to update their...

GHSA-2865-HH9G-W894 Microsoft Security Advisory CVE-2025-24070: .NET Elevation of Privilege Vulnerability

Microsoft Security Advisory CVE-2025-24070: .NET Elevation of Privilege Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core 9.0, ASP.NET Core 8.0, ASP.NET Core 6.0, and ASP.NET Core 2.3. This advisory also...

CVE-2025-24984

creationtimestamp| type| source ---|---|--- 2025-03-11 16:39:36+00:00| seen| https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review 2025-03-11 17:09:47+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114144902283889820 2025-03-11 17:39:49+00:00| seen|...

GHSA-JJCV-WR2G-4RV4 Microsoft Security Advisory CVE-2025-21172 | .NET and Visual Studio Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2025-21172 | .NET and Visual Studio Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0 and .NET 9.0. This advisory also provides guidance on what developers ca...

Microsoft Security Advisory CVE-2025-21171 | .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2025-21171 | .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0. This advisory also provides guidance on what developers can do to update their applicatio...

GHSA-7VW9-CFWX-9GX9 Microsoft Security Advisory CVE-2024-38229 | .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2024-38229 | .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0 and .NET 9.0. This advisory also provides guidance on what developers can do to update the...

Exploit for Improper Input Validation in Microsoft

CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulne...

GHSA-32Q7-GV7F-4CG5 Duplicate Advisory: Microsoft Security Advisory CVE-2024-21386: .NET Denial of Service Vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-g74q-5xw3-j7q9. This link is maintained to preserve external references. Original Description .NET Denial of Service Vulnerability...

GHSA-38FQ-H5HC-GWV8 Microsoft Security Advisory CVE-2023-36794: .NET Remote Code Execution Vulnerability

Microsoft Security Advisory CVE-2023-36794: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update thei...

GHSA-555C-2P6R-68MM .NET Denial of Service vulnerability

Microsoft Security Advisory CVE-2023-29331: .NET Denial of Service vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update their...

Microsoft Windows Win32K 安全漏洞

Microsoft Windows Win32k is a system file for Windows multi-user administration from Microsoft USA. A security vulnerability exists in Microsoft Windows Win32K. The following products and editions are affected: Windows 10 Version 22H2 for ARM64-based Systems,Windows 10 Version 22H2 for 32-bit...

CVE-2022-23267

A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of the Apply MaxResponseHeadersLength limit for trailing headers to address a denial of service via excess memory allocations through the HttpClient...

CVE-2022-29117

A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of a malicious client that can send MyCookie=chunks-2147483647 without the actual cookie chunks, causing large allocations, exceptions, and excess CPU utilization on the server when it tries to read or delete that man...

Mitigating NTLM Relay Attacks on Active Directory Certificate Services (AD CS)

Summary Microsoft is aware of PetitPotam which can potentially be used in an attack on Windows domain controllers or other Windows servers. PetitPotam is a classic NTLM Relay Attack, and such attacks have been previously documented by Microsoft along with numerous mitigation options to protect...