6556 matches found
AlmaLinux 8 : .NET 10.0 (ALSA-2026:4458)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4458 advisory. .net: .NET: Denial of Service via out-of-bounds read CVE-2026-26127 asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation...
.net: .NET: Denial of Service via out-of-bounds read
A flaw was found in .NET. An unauthorized attacker can exploit an out-of-bounds read vulnerability over a network, leading to a Denial of Service DoS. This can prevent legitimate users from accessing the affected service...
.net: .NET: Denial of Service via out-of-bounds read
A flaw was found in .NET. An unauthorized attacker can exploit an out-of-bounds read vulnerability over a network, leading to a Denial of Service DoS. This can prevent legitimate users from accessing the affected service...
RHEL 8 : .NET 10.0 (RHSA-2026:4458)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4458 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...
ALSA-2026:4453 Important: .NET 10.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.104 and .NET Runtime...
EUVD-2026-10691
.NET Denial of Service Vulnerability...
GHSA-73J8-2GCH-69RQ .NET Denial of Service Vulnerability
Microsoft Security Advisory CVE-2026-26127 – .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 9.0 and .NET 10.0. This advisory also provides guidance on what developers can do to update their...
EUVD-2026-10695
.NET Elevation of Privilege Vulnerability...
USN-8085-1: .NET vulnerabilities
It was discovered that the .NET Microsoft.Bcl.Memory NuGet package did not properly handle certain malformed Base64Url encoded input. An attacker could possibly use this issue to cause .NET to crash, resulting in a denial of service. This issue only affected .NET 9.0 and .NET 10.0. CVE-2026-26127...
Microsoft Patch Tuesday, March 2026 Edition
Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing "zero-day" flaws this month compared to February's five zero-day treat, but as usual some patches may deserve more rapid attention from...
CVE-2026-26131 .NET Elevation of Privilege Vulnerability
...
2026-03 .NET 8.0.25 Security Update for x64 Client (KB5081277)
2026-03 .NET 8.0.25 Security Update for x64 Client KB5081277...
CVE-2026-26127
Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network...
CVE-2026-21218
Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-21218
Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network...
January 29, 2026-KB5074828 Cumulative Update Preview for .NET Framework 3.5 and 4.8.1 for Windows 11, version 25H2
January 29, 2026-KB5074828 Cumulative Update Preview for .NET Framework 3.5 and 4.8.1 for Windows 11, version 25H2 Release Date: January 29, 2026 Version: .NET Framework 3.5 and 4.8.1 The January 29, 2026 update for Windows 11, version 25H2 includes security and cumulative reliability improvement...
Exploit for Deserialization of Untrusted Data in Microsoft
WSUS Security Research Toolkit !Pythonhttps://img.shields...
CVE-2025-14759
Missing cryptographic key commitment in the Amazon S3 Encryption Client for .NET may allow a user with write access to the S3 bucket to introduce a new EDK that decrypts to different plaintext when the encrypted data key is stored in an "instruction file" instead of S3's metadata record. To...
CVE-2024-58317
A cookie security configuration vulnerability in Kentico Xperience allows attackers to bypass SSL requirements when setting administration cookies via web.config. The vulnerability affects .NET Framework projects by incorrectly handling the 'requireSSL' attribute, potentially compromising session...
CVE-2024-58317 Kentico Xperience <= 13.0.164 Cookie Security Configuration
A cookie security configuration vulnerability in Kentico Xperience allows attackers to bypass SSL requirements when setting administration cookies via web.config. The vulnerability affects .NET Framework projects by incorrectly handling the 'requireSSL' attribute, potentially compromising session...