Search CVE reports


Toggle filters

21 – 30 of 49 results


CVE-2024-0057

Medium priority
Fixed

NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

3 affected packages

dotnet6, dotnet7, dotnet8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Fixed Not in release Not in release Not in release
dotnet7 Fixed Not in release Not in release Not in release
dotnet8 Not affected Not in release Not in release Not in release
Show less packages

CVE-2024-0056

Medium priority
Not affected

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

3 affected packages

dotnet6, dotnet7, dotnet8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Not affected Not in release Not in release Not in release
dotnet7 Not affected Not in release Not in release Not in release
dotnet8 Not affected Not in release Not in release Not in release
Show less packages

CVE-2023-36558

Medium priority
Fixed

ASP.NET Core - Security Feature Bypass Vulnerability

3 affected packages

dotnet6, dotnet7, dotnet8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Fixed Not in release Not in release Not in release
dotnet7 Fixed Not in release Not in release Not in release
dotnet8 Not affected Not in release Not in release Not in release
Show less packages

CVE-2023-36049

Medium priority
Fixed

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

3 affected packages

dotnet6, dotnet7, dotnet8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Fixed Not in release Not in release Not in release
dotnet7 Fixed Not in release Not in release Not in release
dotnet8 Not affected Not in release Not in release Not in release
Show less packages

CVE-2023-36038

Medium priority
Not affected

ASP.NET Core Denial of Service Vulnerability

3 affected packages

dotnet6, dotnet7, dotnet8

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Not affected Not in release Not in release Not in release
dotnet7 Not affected Not in release Not in release Not in release
dotnet8 Not affected Not in release Not in release Not in release
Show less packages

CVE-2023-44487

High priority

Some fixes available 18 of 56

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

13 affected packages

dotnet6, dotnet7, dotnet8, h2o, haproxy...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Not in release Fixed Not in release Not in release Not in release
dotnet7 Not in release Fixed Not in release Not in release Not in release
dotnet8 Fixed Not affected Not in release Not in release Not in release
h2o Not affected Needs evaluation Needs evaluation Needs evaluation Not in release
haproxy Not affected Not affected Not affected Fixed Not affected
netty Not affected Fixed Fixed Not affected Not affected
nghttp2 Not affected Fixed Fixed Fixed Fixed
nginx Not affected Not affected Not affected Not affected Not affected
nodejs Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
tomcat10 Needs evaluation Not in release Not in release Ignored Ignored
tomcat8 Not in release Not in release Not in release Needs evaluation Needs evaluation
tomcat9 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
trafficserver Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show all 13 packages Show less packages

CVE-2023-36788

Medium priority
Needs evaluation

.NET Framework Remote Code Execution Vulnerability

2 affected packages

dotnet6, dotnet7

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Needs evaluation Not in release Not in release Not in release
dotnet7 Needs evaluation Not in release Not in release Not in release
Show less packages

CVE-2023-36799

Medium priority
Fixed

.NET Core and Visual Studio Denial of Service Vulnerability

2 affected packages

dotnet6, dotnet7

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Fixed Not in release Not in release Not in release
dotnet7 Fixed Not in release Not in release Not in release
Show less packages

CVE-2023-36796

Medium priority
Not affected

Visual Studio Remote Code Execution Vulnerability

2 affected packages

dotnet6, dotnet7

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Not affected Not in release Not in release Not in release
dotnet7 Not affected Not in release Not in release Not in release
Show less packages

CVE-2023-36794

Medium priority
Not affected

Visual Studio Remote Code Execution Vulnerability

2 affected packages

dotnet6, dotnet7

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
dotnet6 Not affected Not in release Not in release Not in release
dotnet7 Not affected Not in release Not in release Not in release
Show less packages