.net Core Security Vulnerabilities and Issues — .net Core CVE List

Lucene search

Microsoft.net Core

32 matches found

CVE•added 2020/07/14 11:15 p.m.•1309 views

CVE-2020-1147

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.

7.8CVSS8.1AI score0.92742EPSS

In wildWeb

CVE•added 2020/09/15 10:15 a.m.•427 views

CVE-2020-8927

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli libr...

6.5CVSS6.6AI score0.00388EPSS

CVE•added 2021/02/25 11:15 p.m.•406 views

CVE-2021-26701

.NET Core Remote Code Execution Vulnerability

9.8CVSS8.5AI score0.01745EPSS

CVE•added 2022/03/09 5:15 p.m.•344 views

CVE-2022-24512

.NET and Visual Studio Remote Code Execution Vulnerability

6.8CVSS7.2AI score0.00247EPSS

CVE•added 2022/05/10 9:15 p.m.•306 views

CVE-2022-23267

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.04725EPSS

CVE•added 2022/05/10 9:15 p.m.•289 views

CVE-2022-29117

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01609EPSS

CVE•added 2021/02/25 11:15 p.m.•278 views

CVE-2021-24112

.NET Core Remote Code Execution Vulnerability

9.8CVSS9.1AI score0.00817EPSS

CVE•added 2020/01/14 11:15 p.m.•277 views

CVE-2020-0605

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. ...

9.3CVSS8.8AI score0.49116EPSS

CVE•added 2022/05/10 9:15 p.m.•261 views

CVE-2022-29145

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.03535EPSS

CVE•added 2022/03/09 5:15 p.m.•249 views

CVE-2022-24464

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01473EPSS

CVE•added 2020/05/21 11:15 p.m.•227 views

CVE-2020-1108

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.

7.5CVSS7.3AI score0.03486EPSS

CVE•added 2019/05/16 7:29 p.m.•221 views

CVE-2019-0820

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.

7.5CVSS7.2AI score0.03215EPSS

CVE•added 2022/06/15 10:15 p.m.•220 views

CVE-2022-30184

.NET and Visual Studio Information Disclosure Vulnerability

5.5CVSS5.3AI score0.00657EPSS

CVE•added 2020/01/14 11:15 p.m.•196 views

CVE-2020-0606

9.3CVSS8.8AI score0.49116EPSS

CVE•added 2021/08/12 6:15 p.m.•195 views

CVE-2021-34485

.NET Core and Visual Studio Information Disclosure Vulnerability

5.5CVSS5.8AI score0.00707EPSS

CVE•added 2022/09/13 7:15 p.m.•192 views

CVE-2022-38013

.NET Core and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.00891EPSS

CVE•added 2021/08/12 6:15 p.m.•191 views

CVE-2021-26423

.NET Core and Visual Studio Denial of Service Vulnerability

7.5CVSS7.4AI score0.0242EPSS

CVE•added 2021/05/11 7:15 p.m.•185 views

CVE-2021-31204

.NET and Visual Studio Elevation of Privilege Vulnerability

7.8CVSS7.3AI score0.08688EPSS

CVE•added 2022/10/11 7:15 p.m.•181 views

CVE-2022-41032

NuGet Client Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.14654EPSS

CVE•added 2022/08/09 8:15 p.m.•179 views

CVE-2022-34716

.NET Spoofing Vulnerability

5.9CVSS5.9AI score0.00963EPSS

CVE•added 2019/05/16 7:29 p.m.•176 views

CVE-2019-0980

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981.

7.5CVSS7.3AI score0.03215EPSS

CVE•added 2018/05/09 7:29 p.m.•174 views

CVE-2018-0765

A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents, aka ".NET and .NET Core Denial of Service Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.7.1, Microsoft .NET Framework 4.6/4.6.1/4....

7.5CVSS7.2AI score0.07821EPSS

CVE•added 2021/06/08 11:15 p.m.•172 views

CVE-2021-31957

ASP.NET Core Denial of Service Vulnerability

7.5CVSS6AI score0.03841EPSS

CVE•added 2019/05/16 7:29 p.m.•166 views

CVE-2019-0981

7.5CVSS7.3AI score0.03215EPSS

CVE•added 2018/01/10 1:29 a.m.•158 views

CVE-2018-0764

Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from CV...

7.5CVSS6.4AI score0.22007EPSS

CVE•added 2021/02/25 11:15 p.m.•156 views

CVE-2021-1721

.NET Core and Visual Studio Denial of Service Vulnerability

6.5CVSS6.6AI score0.07042EPSS

CVE•added 2019/03/06 12:0 a.m.•148 views

CVE-2019-0657

A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.

5.9CVSS6.7AI score0.05691EPSS

CVE•added 2019/01/08 9:29 p.m.•133 views

CVE-2019-0545

An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .N...

7.5CVSS6.7AI score0.05995EPSS

CVE•added 2019/09/11 10:15 p.m.•133 views

CVE-2019-1301

A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'.

7.5CVSS7.2AI score0.02751EPSS

CVE•added 2018/01/10 1:29 a.m.•123 views

CVE-2018-0786

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0 allow a security feature bypass vulnerability due to the way certificates are validated, aka ".NET Security Feature Bypass Vulnerability."

7.5CVSS6.2AI score0.01143EPSS

CVE•added 2018/07/11 12:29 a.m.•112 views

CVE-2018-8356

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2...

5.5CVSS6.3AI score0.00356EPSS

CVE•added 2018/09/13 12:29 a.m.•112 views

CVE-2018-8409

A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka "System.IO.Pipelines Denial of Service." This affects .NET Core 2.1, System.IO.Pipelines, ASP.NET Core 2.1.

7.5CVSS7.2AI score0.1289EPSS