10 results (0.004 seconds)

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

.NET and Visual Studio Denial of Service Vulnerability A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an [ExtensionData] property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43485 https://access.redhat.com/security/cve/CVE-2024-43485 https://bugzilla.redhat.com/show_bug.cgi?id=2315731 • CWE-407: Inefficient Algorithmic Complexity •

CVSS: 7.5EPSS: 0%CPEs: 31EXPL: 0

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability A flaw was found in dotnet. The System.IO.Packaging library may allow untrusted inputs to influence algorithmically complex operations, resulting in a denial of service. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43484 https://access.redhat.com/security/cve/CVE-2024-43484 https://bugzilla.redhat.com/show_bug.cgi?id=2315729 • CWE-407: Inefficient Algorithmic Complexity CWE-789: Memory Allocation with Excessive Size Value •

CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0

.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability A flaw was found in dotnet. The System.Security.Cryptography.Cose, System.IO.Packaging and System.Runtime.Caching components may be exposed to hostile input, making them susceptible to hash flooding attacks, resulting in denial of service. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43483 https://access.redhat.com/security/cve/CVE-2024-43483 https://bugzilla.redhat.com/show_bug.cgi?id=2315730 • CWE-407: Inefficient Algorithmic Complexity •

CVSS: 7.3EPSS: 0%CPEs: 24EXPL: 0

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38081 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 0

Visual Studio Denial of Service Vulnerability Vulnerabilidad de denegación de servicio de Visual Studio A flaw was found in ASP.NET Core. A deadlock condition can be triggered in Http2OutputProducer.Stop(), which may lead to a denial of service. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30046 https://access.redhat.com/security/cve/CVE-2024-30046 https://bugzilla.redhat.com/show_bug.cgi?id=2279697 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-833: Deadlock •