CVSS: 7.8EPSS: 18%CPEs: 6EXPL: 0CVE-2024-21404 – .NET Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-21404
13 Feb 2024 — .NET Denial of Service Vulnerability Vulnerabilidad de denegación de servicio de .NET A denial of service vulnerability exists in .NET applications with OpenSSL support when parsing X509 certificates. The issue arises from inadequate validation of user-supplied input in .NET. This flaw allows a remote attacker to trigger a denial of service (DoS) attack by providing specially crafted input. Brennan Conroy discovered that .NET with SignalR did not properly handle malicious clients. An attacker could possibly... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21404 • CWE-400: Uncontrolled Resource Consumption CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 10%CPEs: 6EXPL: 0CVE-2024-21386 – .NET Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-21386
13 Feb 2024 — .NET Denial of Service Vulnerability Vulnerabilidad de denegación de servicio de .NET A denial of service vulnerability is present in the .NET applications utilizing SignalR, which a malicious client can exploit. The issue arises from inadequate validation of user-supplied input in .NET. This flaw allows a remote attacker to trigger a denial of service (DoS) attack by providing specially crafted input. Brennan Conroy discovered that .NET with SignalR did not properly handle malicious clients. An attacker co... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21386 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.2EPSS: 29%CPEs: 14EXPL: 0CVE-2023-36038 – ASP.NET Core Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-36038
14 Nov 2023 — ASP.NET Core Denial of Service Vulnerability Vulnerabilidad de denegación de servicio de ASP.NET Core • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36038 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.2EPSS: 0%CPEs: 11EXPL: 0CVE-2023-36558 – ASP.NET Core Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-36558
14 Nov 2023 — ASP.NET Core - Security Feature Bypass Vulnerability Vulnerabilidad de omisión de funciones de seguridad en ASP.NET Core ASP.NET Core Security Feature Bypass Vulnerability A security feature bypass vulnerability was found in Blazor forms in ASP.NET in the .NET package. Barry Dorrans discovered that .NET did not properly implement certain security features for Blazor server forms. An attacker could possibly use this issue to bypass validation, which could trigger unintended actions. Piotr Bazydlo discovered ... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36558 •