10 matches found
MiracleLinux 8 : dotnet9.0-9.0.104-1.el8_10 (AXSA:2025-9771:08)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9771:08 advisory. dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method CVE-2025-24070 Tenable has extracted the preceding description blo...
dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method
A flaw was found in the SignInManager.RefreshSignInAsync method. This flaw allows an attacker with local access and low privileges to escalate privileges. The issue might lead to unauthorized access or manipulation of authentication sessions...
dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method
A flaw was found in the SignInManager.RefreshSignInAsync method. This flaw allows an attacker with local access and low privileges to escalate privileges. The issue might lead to unauthorized access or manipulation of authentication sessions...
dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method
A flaw was found in the SignInManager.RefreshSignInAsync method. This flaw allows an attacker with local access and low privileges to escalate privileges. The issue might lead to unauthorized access or manipulation of authentication sessions...
dotnet: Privilege Escalation Vulnerability in .NET SignInManager.RefreshSignInAsync Method
A flaw was found in the SignInManager.RefreshSignInAsync method. This flaw allows an attacker with local access and low privileges to escalate privileges. The issue might lead to unauthorized access or manipulation of authentication sessions...
dotnet: race condition in Core SignInManager<TUser> PasswordSignInAsync method
A vulnerability was found in dotNET applications where account lockout maximum failed attempts may not be immediately updated, allowing an attacker to try more passwords and bypass security restrictions. This flaw allows a remote attacker to bypass security features, causing an impact on...
dotnet: race condition in Core SignInManager<TUser> PasswordSignInAsync method
A vulnerability was found in dotNET applications where account lockout maximum failed attempts may not be immediately updated, allowing an attacker to try more passwords and bypass security restrictions. This flaw allows a remote attacker to bypass security features, causing an impact on...
dotnet: race condition in Core SignInManager<TUser> PasswordSignInAsync method
A vulnerability was found in dotNET applications where account lockout maximum failed attempts may not be immediately updated, allowing an attacker to try more passwords and bypass security restrictions. This flaw allows a remote attacker to bypass security features, causing an impact on...
dotnet: race condition in Core SignInManager<TUser> PasswordSignInAsync method
A vulnerability was found in dotNET applications where account lockout maximum failed attempts may not be immediately updated, allowing an attacker to try more passwords and bypass security restrictions. This flaw allows a remote attacker to bypass security features, causing an impact on...
dotnet: race condition in Core SignInManager<TUser> PasswordSignInAsync method
A vulnerability was found in dotNET applications where account lockout maximum failed attempts may not be immediately updated, allowing an attacker to try more passwords and bypass security restrictions. This flaw allows a remote attacker to bypass security features, causing an impact on...