Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : .NET vulnerabilities (USN-8420-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8420-1 advisory. It was discovered that .NET did not properly handle link resolution before file access. A local attacker could use this...

RHEL 9 : kernel (RHSA-2026:25218)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25218 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: use dstdevrcu in...

SUSE SLES15 Security Update : kernel (SUSE-SU-2026:2195-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2195-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: -...

Security update for go1.26-openssl

This update for go1.26-openssl fixes the following issues Security issues: CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. CVE-2026-39817: cmd/go: "go tool pack" do...

RHCOS 4 : OpenShift Container Platform 4.6.42 (RHSA-2021:3009)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3009 advisory. - golang: net: lookup functions may return invalid host names CVE-2021-33195 - golang: net/http/httputil: ReverseProxy forwards...

Ubuntu 26.04 LTS : .NET vulnerabilities (USN-8216-1)

The remote Ubuntu 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8216-1 advisory. Ludvig Pedersen discovered that the System.Security.Cryptography.Xml library in .NET incorrectly handled certain XML inputs. An attacker could possibly u...

RockyLinux 8 : .NET 10.0 (RLSA-2026:8473)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:8473 advisory. dotnet: .NET: Security Bypass and Denial of Service Vulnerability CVE-2026-26171 dotnet: .NET: Denial of Service via stack overflow CVE-2026-32203 dotnet...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : .NET vulnerabilities (USN-8176-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8176-1 advisory. Ludvig Pedersen discovered that the System.Security.Cryptography.Xml library in .NET incorrectly handled certain XML inputs. An...

MiracleLinux 9 : dotnet10.0-10.0.104-1.el9_7.ML.1 (AXSA:2026-335:07)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-335:07 advisory. .net: .NET: Denial of Service via out-of-bounds read CVE-2026-26127 asp.net: ASP.NET Core: Denial of Service via uncontrolled resource allocation...

Microsoft .NET 安全漏洞

Microsoft .NET is a software framework developed by Microsoft Corporation in the United States. It focuses on agile software development, rapid application development, platform independence, and network transparency. There are security vulnerabilities in Microsoft .NET. Attackers can exploit the...

MiracleLinux 9 : kernel-5.14.0-427.31.1.el9_4 (AXSA:2024-8705:26)

"The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8705:26 advisory. kernel: phy: CVE-2024-26600 kernel: netfilter: multiple flaws CVE-2024-26808, CVE-2024-27065, CVE-2024-35899, CVE-2024-36005 kernel: cifs:...

SUSE-SU-2025:02126-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002314 fixes several issues. The following security issues were fixed: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. - CVE-2024-50127: net: sched: fix use-after-free in tapriochange bsc1232908. - CVE-2024-50279...

SUSE-SU-2025:20448-1 Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231 - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing bsc1233708 - CVE-2024-50301: security/keys:...

TencentOS Server 3: .NET 7.0 (TSSA-2023:0220)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0220 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 3: dotnet8.0 (TSSA-2024:0297)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0297 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

TencentOS Server 3: .NET 8.0 (TSSA-2025:0107)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0107 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft fixed vulnerabilities in Visual Studio and .NET A malicious party could exploit the vulnerabilities to cause a denial-of-service, grant themselves elevated privileges and/or execute arbitrary code with developer privileges. Because developers tend to work under elevated privileges, it...

Security Update for Microsoft .NET 8 Core (January 2025)

The version of Microsoft .NET 8 Core installed on the remote host is prior to 8.0.12. It is, therefore, affected by multiple vulnerabilities as referenced in the vendor advisory. - .NET and Visual Studio Remote Code Execution Vulnerability CVE-2025-21172 - .NET Elevation of Privilege Vulnerabilit...

Amazon Linux 2023 : aspnetcore-runtime-8.0, aspnetcore-runtime-dbg-8.0, aspnetcore-targeting-pack-8.0 (ALAS2023-2025-844)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-844 advisory. .NET and Visual Studio Remote Code Execution Vulnerability CVE-2025-21172 .NET Elevation of Privilege Vulnerability CVE-2025-21173 .NET, .NET Framework, and Visual Studio Remote Code Execution...

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-063)

The version of kernel installed on the remote host is prior to 5.15.178-120.178. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-063 advisory. Integer Overflow or Wraparound vulnerability in Linux kernel on x86 and ARM md, raid, raid5 modules allo...