The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.

.NET Denial of Service Vulnerability

.NET Denial of Service Vulnerability

ASP.NET Core Security Feature Bypass Vulnerability

ASP.NET Core Denial of Service Vulnerability

.NET and Visual Studio Denial of Service Vulnerability

ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability

ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability

ASP.NET Core and Visual Studio Information Disclosure Vulnerability