23 results (0.005 seconds)

CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0

Microsoft QUIC Denial of Service Vulnerability Vulnerabilidad de denegación de servicio de Microsoft QUIC • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26190 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0

.NET Spoofing Vulnerability Una vulnerabilidad de Suplantación en .NET An information disclosure vulnerability exists in .NET Core and .NET. This issue can lead to unauthorized access to privileged information. XML signature verification in .NET 6 as implemented in System.Security.Cryptography.Xml.SignedXml is vulnerable to external entity injection attacks. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34716 https://access.redhat.com/security/cve/CVE-2022-34716 https://bugzilla.redhat.com/show_bug.cgi?id=2115183 • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0

.NET and Visual Studio Denial of Service Vulnerability Una vulnerabilidad de Denegación de Servicio en .NET y Visual Studio. Este ID de CVE es diferente de CVE-2022-29117, CVE-2022-29145 A flaw was found in dotnet. The Microsoft Security Advisory describes the issue of the Apply MaxResponseHeadersLength limit for trailing headers to address a denial of service via excess memory allocations through the HttpClient. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GNXQL7EZORGU4PZCPJ5EPQ4P7IEY3ZZO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IBYSBUDJYQ76HK4TULXVIIPCKK2U6WDB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5FPEQ6BTYRGTS6IYCDTZW6YF5HLQ3BY https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-23267 https://access.redhat.com/security/cve/CVE-2022-23267 https://bugzilla.redhat.com/sho • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 6.8EPSS: 1%CPEs: 16EXPL: 0

.NET and Visual Studio Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en .NET y Visual Studio A flaw was found in dotnet, where a buffer overrun exists in the double parse routine, which could lead to remote code execution. This flaw allows an attacker to execute code remotely on the system, leading to some system compromise. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24512 https://access.redhat.com/security/cve/CVE-2022-24512 https://bugzilla.redhat.com/show_bug.cgi?id=2061854 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

.NET Core and Visual Studio Information Disclosure Vulnerability Una Vulnerabilidad de Divulgación de Información en .NET Core y Visual Studio • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34485 https://access.redhat.com/security/cve/CVE-2021-34485 https://bugzilla.redhat.com/show_bug.cgi?id=1990286 • CWE-732: Incorrect Permission Assignment for Critical Resource •