Core: Improper processing of XML documents can cause a denial of service

Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from...

Microsoft .NET Framework and .NET Core Security Bypass Vulnerability

NET Framework and .NET Core are both products of Microsoft Corporation.Microsoft .NET Framework is a comprehensive and consistent programming model and development platform for building applications for Windows, Windows Store, Windows Server, and Microsoft Azure. NET Framework is a comprehensive...

Security and Quality Rollup for .NET Framework 4.5.2 for Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2 (KB 4040977)

Security and Quality Rollup for .NET Framework 4.5.2 for Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2 KB 4040977 Notice This update is included in the Security and Quality Rollup that's dated November 14, 2017. This update was previously released as part of the Preview o...

VulnCheck KEV: CVE-2017-8759

Microsoft .NET Framework contains a remote code execution vulnerability when processing untrusted input that could allow an attacker to take control of an affected system...

Microsoft ASP.NET Core Denial of Service Vulnerability

Microsoft ASP.NET Core is a cross-platform open source framework from Microsoft. The framework is used to build cloud-based applications such as Web One applications, IoT applications, and mobile backends. A denial of service vulnerability exists in Microsoft ASP.NET Core, which arises from the...

Microsoft .NET Framework Security Feature Bypass Vulnerability

Microsoft Windows is the popular computer operating system. A security feature bypass vulnerability exists in the Microsoft .NET Framework and .NET Core component that does not properly validate certificates, which could allow an attacker to bypass certain restrictions and perform unauthorized...

Unspecified Vulnerability in IBM IMS Enterprise Suite Data Provider for Microsoft .NET

IBM IMS Enterprise Suite Data Provider for Microsoft .NET is a solution from IBM USA that provides Microsoft .NET based applications to access and manipulate IMS data. The solution supports access to IMS data from .NET applications using standard SQL queries and handling of IMS connected links an...

The vulnerability in Microsoft.NET Framework software allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability exists in the Microsoft.NET Framework, which allows a malicious individual to elevate their privileges within the system...

The vulnerability in Microsoft.NET Framework software allows a malicious attacker to compromise the confidentiality of protected information.

Vulnerability exists in the Microsoft .NET Framework, and it allows attackers to circumvent the ASLR protection mechanism, which safeguards users against a wide range of vulnerabilities. Simply bypassing the protection mechanism itself does not allow the execution of arbitrary code. However,...

The vulnerability in Microsoft.NET Framework software allows a malicious attacker to compromise the confidentiality of protected information.

Vulnerability exists in the Microsoft .NET Framework, and it allows attackers to circumvent the ASLR protection mechanism, which safeguards users against a wide range of vulnerabilities. Simply bypassing the protection mechanism itself does not allow the execution of arbitrary code. However,...

The vulnerability in Microsoft.NET Framework software allows a malicious attacker to compromise the accessibility of protected information.

A vulnerability that can lead to service failure exists in the Microsoft.NET Framework and is related to the processing of specially crafted requests that trigger hash collisions. Exploiting this vulnerability allows an attacker to send a small number of specially crafted requests to the.NET...

The vulnerability of the Microsoft .NET Framework software platform, which allows a malicious individual to elevate privileges

The Microsoft .NET Framework contains a vulnerability related to the TypeFilterLevel checks. Exploiting this vulnerability allows an increase in the level of privileges of existing privileges in the .NET Framework...

The vulnerability of the Microsoft .NET Framework software platform, which allows a perpetrator to gain access to protected information

The vulnerability of the Microsoft .NET Framework software platform is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to protected information by using data in open text format within the client-server da...

The vulnerability of the Microsoft .NET Framework software platform, which allows a perpetrator to forge digital signatures

The vulnerability of the Microsoft .NET Framework software arises from improper validation of digital signatures for individual elements of XML documents. Exploiting this vulnerability allows a malicious actor to forge digital signatures using modified XML documents...

CVE-2016-0132

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 mishandles signature validation for unspecified elements of XML documents, which allows remote attackers to spoof signatures via a modified document, aka ".NET XML Validation Security Feature Bypass."...

The vulnerability of the Microsoft .NET Framework software platform, which allows a perpetrator to obtain confidential information

The vulnerability of the WinForms component of the Microsoft .NET Framework is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to obtain confidential information using specially crafted data...

The vulnerability of the Microsoft .NET Framework software platform, which allows a perpetrator to trigger a service failure

The vulnerability of the Microsoft .NET Framework exists due to the lack of restrictions on recursive compilation of XSLT transformations. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause performance degradation by using specially crafted XSLT data...

The vulnerability of the Microsoft .NET Framework software platform, which allows a hacker to bypass the ASLR protection mechanism

The vulnerability of the Microsoft .NET Framework software lies in the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass ASLR protection by using a specially created website...

Microsoft .NET Framework Directory Traversal Vulnerability

Microsoft .NET Framework is a popular software development toolkit. A directory traversal vulnerability in Microsoft .NET Framework versions 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2,4.6 allows remote attackers to read arbitrary files by combining entity references with external entity declaratio...

Microsoft .NET Framework Elevation of Privilege Vulnerability (CNVD-2015-05953)

Microsoft .NET Framework is a comprehensive and consistent programming model developed by Microsoft Corporation USA and a development platform for building Windows, Windows Store, Windows Phone, Windows Server and Microsoft Azure NET Framework is a comprehensive and consistent programming model...