Filtered by vendor Redhat
Subscriptions
Filtered by product Rhel Dotnet
Subscriptions
Total
66 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-1650 | 3 Debian, Eventsource, Redhat | 11 Debian Linux, Eventsource, Ceph Storage and 8 more | 2026-02-24 | 8.1 High |
| Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2. | ||||
| CVE-2020-1597 | 3 Fedoraproject, Microsoft, Redhat | 6 Fedora, Asp.net Core, Visual Studio 2017 and 3 more | 2026-02-23 | 7.5 High |
| A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without authentication. A remote unauthenticated attacker could exploit this vulnerability by issuing specially crafted requests to the ASP.NET Core application. The update addresses the vulnerability by correcting how the ASP.NET Core web application handles web requests. | ||||
| CVE-2020-1045 | 3 Fedoraproject, Microsoft, Redhat | 7 Fedora, Asp.net Core, Enterprise Linux and 4 more | 2026-02-23 | 7.5 High |
| <p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.</p> <p>The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.</p> | ||||
| CVE-2024-11831 | 1 Redhat | 34 Acm, Advanced Cluster Security, Ansible Automation Platform and 31 more | 2026-02-17 | 5.4 Medium |
| A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package. | ||||
| CVE-2023-44487 | 32 Akka, Amazon, Apache and 29 more | 367 Http Server, Opensearch Data Prepper, Apisix and 364 more | 2025-11-07 | 7.5 High |
| The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | ||||
| CVE-2023-36799 | 2 Microsoft, Redhat | 4 .net, Visual Studio 2022, Enterprise Linux and 1 more | 2025-10-30 | 6.5 Medium |
| .NET Core and Visual Studio Denial of Service Vulnerability | ||||
| CVE-2020-1147 | 2 Microsoft, Redhat | 18 .net Core, .net Framework, Sharepoint Enterprise Server and 15 more | 2025-10-29 | 7.8 High |
| A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'. | ||||
| CVE-2023-38180 | 3 Fedoraproject, Microsoft, Redhat | 8 Fedora, .net, Asp.net Core and 5 more | 2025-10-28 | 7.5 High |
| .NET and Visual Studio Denial of Service Vulnerability | ||||
| CVE-2023-36049 | 2 Microsoft, Redhat | 18 .net, .net Framework, Visual Studio 2022 and 15 more | 2025-10-09 | 7.6 High |
| .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | ||||
| CVE-2023-36558 | 2 Microsoft, Redhat | 5 .net, Asp.net Core, Visual Studio 2022 and 2 more | 2025-10-09 | 6.2 Medium |
| ASP.NET Core Security Feature Bypass Vulnerability | ||||
| CVE-2022-24464 | 3 Fedoraproject, Microsoft, Redhat | 7 Fedora, .net, .net Core and 4 more | 2025-07-08 | 7.5 High |
| .NET and Visual Studio Denial of Service Vulnerability | ||||
| CVE-2022-24512 | 3 Fedoraproject, Microsoft, Redhat | 9 Fedora, .net, .net Core and 6 more | 2025-07-08 | 6.3 Medium |
| .NET and Visual Studio Remote Code Execution Vulnerability | ||||
| CVE-2021-22924 | 8 Debian, Fedoraproject, Haxx and 5 more | 55 Debian Linux, Fedora, Libcurl and 52 more | 2025-06-09 | 3.7 Low |
| libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate. | ||||
| CVE-2021-22876 | 9 Broadcom, Debian, Fedoraproject and 6 more | 15 Fabric Operating System, Debian Linux, Fedora and 12 more | 2025-06-09 | 5.3 Medium |
| curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request. | ||||
| CVE-2024-0056 | 2 Microsoft, Redhat | 21 .net, .net Framework, Microsoft.data.sqlclient and 18 more | 2025-06-03 | 8.7 High |
| Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability | ||||
| CVE-2024-0057 | 2 Microsoft, Redhat | 19 .net, .net Framework, Powershell and 16 more | 2025-06-03 | 9.1 Critical |
| NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability | ||||
| CVE-2024-21319 | 2 Microsoft, Redhat | 5 .net, Identity Model, Visual Studio 2022 and 2 more | 2025-06-03 | 6.8 Medium |
| Microsoft Identity Denial of service vulnerability | ||||
| CVE-2022-34716 | 2 Microsoft, Redhat | 5 .net, .net Core, Powershell and 2 more | 2025-05-29 | 5.9 Medium |
| .NET Spoofing Vulnerability | ||||
| CVE-2024-21404 | 2 Microsoft, Redhat | 5 Asp.net Core, Visual Studio 2022, Enterprise Linux and 2 more | 2025-05-03 | 7.5 High |
| .NET Denial of Service Vulnerability | ||||
| CVE-2024-21386 | 2 Microsoft, Redhat | 4 Asp.net Core, Visual Studio 2022, Enterprise Linux and 1 more | 2025-05-03 | 7.5 High |
| .NET Denial of Service Vulnerability | ||||