ROS-20260429-73-0044

A vulnerability in the ASP.NET Core software platform is related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation

A flaw was found in ASP.NET Core. This vulnerability allows an unauthorized attacker to perform a Denial of Service DoS attack over a network by allocating resources without limits or throttling. This can lead to the unavailability of the service for legitimate users...

Inside the Fix: Analysis of In-the-Wild Exploit of CVE-2026-21513

Read how PatchDiff-AI uncovered the root cause of CVE-2026-21513 — an actively exploited MSHTML vulnerability — and how APT28 leveraged it in real-world attacks...

Microsoft HTTP.sys 安全漏洞

Microsoft HTTP.SYS is an HTTP application protocol developed by Microsoft Corporation. There are security vulnerabilities in Microsoft HTTP.SYS. Attackers can exploit these vulnerabilities to gain higher privileges. The following products and versions are affected: Windows 10 Version 21H2 for...

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2025-53772-standalone poc for cve-2025-53772 CVE-2025...

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2025-53772 poc for cve-2025-53772 CVE-2025-53772 - Mi...

Linux Distros Unpatched Vulnerability : CVE-2025-24070

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network. CVE-2025-24070 Note that Nessus relies...

Microsoft Web Deploy Installed (Windows)

Binary data microsoftwebdeployinstalled.nbin...

Microsoft Web Deploy 代码问题漏洞

Microsoft Web Deploy is a scalable client-server tool from Microsoft Corporation USA. A code issue vulnerability exists in Microsoft Web Deploy. An attacker exploiting this vulnerability could execute code...

Microsoft Web Deploy < 10.0.2001 Remote Code Execution (CVE-2025-53772)

The version of Microsoft Web Deploy installed on the remote host is prior to 10.0.2001 It is, therefore, affected by a remote code execution vulnerability: - Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network. CVE-2025-53772 Note that Ness...

Microsoft ASP.NET Core 安全漏洞

Microsoft ASP.NET Core is a framework of cross-platform open source framework from Microsoft Corporation USA. The framework is used to build cloud-based applications such as web applications, Internet of Things applications, and mobile backends. A security vulnerability exists in Microsoft ASP.NE...

CVE-2024-42179

HCL MyXalytics is affected by sensitive information disclosure vulnerability. The HTTP response header exposes the Microsoft-HTTP API∕2.0 as the server's name & version...

Microsoft Web Media Extensions (Windows SMB Login)

SMB login-based detection of Microsoft Web Media Extensions. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Web Media Extensions RCE Vulnerability (Oct 2024)

Microsoft Web Media Extensions is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Ajax.NET Professional Cross-Site Scripting Vulnerability

Ajax.NET Professional was one of the first AJAX frameworks available for Microsoft ASP.NET. A cross-site scripting vulnerability exists in versions of Ajax.NET Professional prior to 21.12.22.1, which is vulnerable to cross-site scripting attacks...

Excessive memory consumption in MS-WSP dissector in Wireshark 3.4.0 to 3.4.4 and 3.2.0 to 3.2.12 allows denial of service via packet injection or crafted capture file

...

Microsoft Windows Codecs Library 代码注入漏洞

The Web Media Extensions package extends Microsoft Edge and Windows 10 to support open source formats commonly found on the Web.A remote code execution vulnerability exists in Microsoft Web Media Extensions. An attacker could exploit this vulnerability to execute code on the target host...

Microsoft ASP.NET Core 输入验证错误漏洞

Microsoft ASP.NET Core is a framework of cross-platform open source framework from Microsoft. The framework is used to build cloud-based applications such as Web applications, Internet of Things applications, and mobile backends. An input validation error vulnerability exists in Microsoft ASP.NET...

Microsoft ASP.NET Core and Visual Studio Security Vulnerabilities

Microsoft ASP.NET Core is a framework of cross-platform open source framework from Microsoft. The framework is used to build cloud-based applications such as Web applications, Internet of Things applications, and mobile backends. A security vulnerability exists in Microsoft ASP.NET Core and Visua...

CVE-2020-0645

A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'...