.net Core Security Vulnerabilities and Issues — .net Core CVE List

Lucene search

Microsoft.net Core

35 matches found

CVE•added 2020/07/14 11:15 p.m.•1271 views

CVE-2020-1147

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.

7.8CVSS8.1AI score0.92846EPSS

CVE•added 2020/09/15 10:15 a.m.•418 views

CVE-2020-8927

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli libr...

6.5CVSS6.6AI score0.00388EPSS

CVE•added 2021/02/25 11:15 p.m.•400 views

CVE-2021-26701

.NET Core Remote Code Execution Vulnerability

9.8CVSS8.5AI score0.01745EPSS

CVE•added 2022/03/09 5:15 p.m.•336 views

CVE-2022-24512

.NET and Visual Studio Remote Code Execution Vulnerability

6.8CVSS7.2AI score0.0021EPSS

CVE•added 2022/05/10 9:15 p.m.•299 views

CVE-2022-23267

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01762EPSS

CVE•added 2022/05/10 9:15 p.m.•281 views

CVE-2022-29117

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01512EPSS

CVE•added 2020/01/14 11:15 p.m.•276 views

CVE-2020-0605

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. ...

9.3CVSS8.8AI score0.42556EPSS

CVE•added 2021/02/25 11:15 p.m.•275 views

CVE-2021-24112

.NET Core Remote Code Execution Vulnerability

9.8CVSS9.1AI score0.00755EPSS

CVE•added 2022/05/10 9:15 p.m.•255 views

CVE-2022-29145

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01659EPSS

CVE•added 2022/03/09 5:15 p.m.•244 views

CVE-2022-24464

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01236EPSS

CVE•added 2022/12/13 7:15 p.m.•221 views

CVE-2022-41089

.NET Framework Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.08927EPSS

CVE•added 2019/05/16 7:29 p.m.•214 views

CVE-2019-0820

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.

7.5CVSS7.2AI score0.03188EPSS

CVE•added 2020/05/21 11:15 p.m.•214 views

CVE-2020-1108

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.

7.5CVSS7.3AI score0.02352EPSS

CVE•added 2022/06/15 10:15 p.m.•213 views

CVE-2022-30184

.NET and Visual Studio Information Disclosure Vulnerability

5.5CVSS5.3AI score0.00512EPSS

CVE•added 2020/01/14 11:15 p.m.•194 views

CVE-2020-0606

9.3CVSS8.8AI score0.42556EPSS

CVE•added 2022/09/13 7:15 p.m.•188 views

CVE-2022-38013

.NET Core and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01393EPSS

CVE•added 2021/08/12 6:15 p.m.•187 views

CVE-2021-34485

.NET Core and Visual Studio Information Disclosure Vulnerability

5.5CVSS5.8AI score0.00707EPSS

CVE•added 2021/08/12 6:15 p.m.•182 views

CVE-2021-26423

.NET Core and Visual Studio Denial of Service Vulnerability

7.5CVSS7.4AI score0.0242EPSS

CVE•added 2021/05/11 7:15 p.m.•181 views

CVE-2021-31204

.NET and Visual Studio Elevation of Privilege Vulnerability

7.8CVSS7.3AI score0.08688EPSS

CVE•added 2022/10/11 7:15 p.m.•175 views

CVE-2022-41032

NuGet Client Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.09029EPSS

CVE•added 2022/08/09 8:15 p.m.•173 views

CVE-2022-34716

.NET Spoofing Vulnerability

5.9CVSS5.9AI score0.0075EPSS

CVE•added 2018/05/09 7:29 p.m.•172 views

CVE-2018-0765

A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents, aka ".NET and .NET Core Denial of Service Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.7.1, Microsoft .NET Framework 4.6/4.6.1/4....

7.5CVSS7.2AI score0.05916EPSS

CVE•added 2019/05/16 7:29 p.m.•171 views

CVE-2019-0980

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981.

7.5CVSS7.3AI score0.03188EPSS

CVE•added 2021/06/08 11:15 p.m.•167 views

CVE-2021-31957

ASP.NET Core Denial of Service Vulnerability

7.5CVSS6AI score0.03841EPSS

CVE•added 2019/05/16 7:29 p.m.•161 views

CVE-2019-0981

7.5CVSS7.3AI score0.03188EPSS

CVE•added 2018/01/10 1:29 a.m.•154 views

CVE-2018-0764

Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from CV...

7.5CVSS6.4AI score0.22007EPSS

CVE•added 2021/02/25 11:15 p.m.•153 views

CVE-2021-1721

.NET Core and Visual Studio Denial of Service Vulnerability

6.5CVSS6.6AI score0.07042EPSS

CVE•added 2019/03/06 12:0 a.m.•143 views

CVE-2019-0657

A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.

5.9CVSS6.7AI score0.0553EPSS

CVE•added 2019/01/08 9:29 p.m.•131 views

CVE-2019-0545

An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .N...

7.5CVSS6.7AI score0.05995EPSS

CVE•added 2018/10/10 1:29 p.m.•130 views

CVE-2018-8292

An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core Information Disclosure Vulnerability." This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0.

7.5CVSS7AI score0.03238EPSS

CVE•added 2019/09/11 10:15 p.m.•129 views

CVE-2019-1301

A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'.

7.5CVSS7.2AI score0.02751EPSS

CVE•added 2018/01/10 1:29 a.m.•120 views

CVE-2018-0786

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0 allow a security feature bypass vulnerability due to the way certificates are validated, aka ".NET Security Feature Bypass Vulnerability."

7.5CVSS6.2AI score0.01188EPSS

CVE•added 2018/11/14 1:29 a.m.•112 views

CVE-2018-8416

A tampering vulnerability exists when .NET Core improperly handles specially crafted files, aka ".NET Core Tampering Vulnerability." This affects .NET Core 2.1.

6.5CVSS6.4AI score0.01981EPSS

CVE•added 2018/07/11 12:29 a.m.•110 views

CVE-2018-8356

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2...

5.5CVSS6.3AI score0.00356EPSS

CVE•added 2018/09/13 12:29 a.m.•109 views

CVE-2018-8409

A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka "System.IO.Pipelines Denial of Service." This affects .NET Core 2.1, System.IO.Pipelines, ASP.NET Core 2.1.

7.5CVSS7.2AI score0.07554EPSS