.net Core Security Vulnerabilities and Issues — .net Core CVE List

Lucene search

Microsoft.net Core

35 matches found

CVE•added 2020/07/14 11:15 p.m.•1304 views

CVE-2020-1147

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.

7.8CVSS8.1AI score0.92798EPSS

In wildWeb

CVE•added 2020/09/15 10:15 a.m.•424 views

CVE-2020-8927

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli libr...

6.5CVSS6.6AI score0.00388EPSS

CVE•added 2021/02/25 11:15 p.m.•404 views

CVE-2021-26701

.NET Core Remote Code Execution Vulnerability

9.8CVSS8.5AI score0.01745EPSS

CVE•added 2022/03/09 5:15 p.m.•340 views

CVE-2022-24512

.NET and Visual Studio Remote Code Execution Vulnerability

6.8CVSS7.2AI score0.00247EPSS

CVE•added 2022/05/10 9:15 p.m.•302 views

CVE-2022-23267

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01969EPSS

CVE•added 2022/05/10 9:15 p.m.•286 views

CVE-2022-29117

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01512EPSS

CVE•added 2020/01/14 11:15 p.m.•276 views

CVE-2020-0605

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. ...

9.3CVSS8.8AI score0.42556EPSS

CVE•added 2021/02/25 11:15 p.m.•276 views

CVE-2021-24112

.NET Core Remote Code Execution Vulnerability

9.8CVSS9.1AI score0.00755EPSS

CVE•added 2022/05/10 9:15 p.m.•258 views

CVE-2022-29145

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01947EPSS

CVE•added 2022/03/09 5:15 p.m.•247 views

CVE-2022-24464

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01473EPSS

CVE•added 2022/12/13 7:15 p.m.•223 views

CVE-2022-41089

.NET Framework Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.08927EPSS

CVE•added 2020/05/21 11:15 p.m.•221 views

CVE-2020-1108

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.

7.5CVSS7.3AI score0.03486EPSS

CVE•added 2019/05/16 7:29 p.m.•218 views

CVE-2019-0820

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.

7.5CVSS7.2AI score0.03215EPSS

CVE•added 2022/06/15 10:15 p.m.•216 views

CVE-2022-30184

.NET and Visual Studio Information Disclosure Vulnerability

5.5CVSS5.3AI score0.00657EPSS

CVE•added 2020/01/14 11:15 p.m.•194 views

CVE-2020-0606

9.3CVSS8.8AI score0.42556EPSS

CVE•added 2021/08/12 6:15 p.m.•193 views

CVE-2021-34485

.NET Core and Visual Studio Information Disclosure Vulnerability

5.5CVSS5.8AI score0.00707EPSS

CVE•added 2022/09/13 7:15 p.m.•190 views

CVE-2022-38013

.NET Core and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01393EPSS

CVE•added 2021/08/12 6:15 p.m.•188 views

CVE-2021-26423

.NET Core and Visual Studio Denial of Service Vulnerability

7.5CVSS7.4AI score0.0242EPSS

CVE•added 2021/05/11 7:15 p.m.•183 views

CVE-2021-31204

.NET and Visual Studio Elevation of Privilege Vulnerability

7.8CVSS7.3AI score0.08688EPSS

CVE•added 2022/10/11 7:15 p.m.•179 views

CVE-2022-41032

NuGet Client Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.09559EPSS

CVE•added 2022/08/09 8:15 p.m.•175 views

CVE-2022-34716

.NET Spoofing Vulnerability

5.9CVSS5.9AI score0.00963EPSS

CVE•added 2019/05/16 7:29 p.m.•173 views

CVE-2019-0980

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka '.Net Framework and .Net Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981.

7.5CVSS7.3AI score0.03215EPSS

CVE•added 2018/05/09 7:29 p.m.•172 views

CVE-2018-0765

A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents, aka ".NET and .NET Core Denial of Service Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.7.1, Microsoft .NET Framework 4.6/4.6.1/4....

7.5CVSS7.2AI score0.07821EPSS

CVE•added 2021/06/08 11:15 p.m.•169 views

CVE-2021-31957

ASP.NET Core Denial of Service Vulnerability

7.5CVSS6AI score0.03841EPSS

CVE•added 2019/05/16 7:29 p.m.•163 views

CVE-2019-0981

7.5CVSS7.3AI score0.03215EPSS

CVE•added 2018/01/10 1:29 a.m.•155 views

CVE-2018-0764

Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of service vulnerability due to the way XML documents are processed, aka ".NET and .NET Core Denial Of Service Vulnerability". This CVE is unique from CV...

7.5CVSS6.4AI score0.22007EPSS

CVE•added 2021/02/25 11:15 p.m.•154 views

CVE-2021-1721

.NET Core and Visual Studio Denial of Service Vulnerability

6.5CVSS6.6AI score0.07042EPSS

CVE•added 2019/03/06 12:0 a.m.•145 views

CVE-2019-0657

A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.

5.9CVSS6.7AI score0.05691EPSS

CVE•added 2019/01/08 9:29 p.m.•132 views

CVE-2019-0545

An information disclosure vulnerability exists in .NET Framework and .NET Core which allows bypassing Cross-origin Resource Sharing (CORS) configurations, aka ".NET Framework Information Disclosure Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .N...

7.5CVSS6.7AI score0.05995EPSS

CVE•added 2018/10/10 1:29 p.m.•131 views

CVE-2018-8292

An information disclosure vulnerability exists in .NET Core when authentication information is inadvertently exposed in a redirect, aka ".NET Core Information Disclosure Vulnerability." This affects .NET Core 2.1, .NET Core 1.0, .NET Core 1.1, PowerShell Core 6.0.

7.5CVSS7AI score0.03179EPSS

CVE•added 2019/09/11 10:15 p.m.•131 views

CVE-2019-1301

A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'.

7.5CVSS7.2AI score0.02751EPSS

CVE•added 2018/01/10 1:29 a.m.•120 views

CVE-2018-0786

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0 allow a security feature bypass vulnerability due to the way certificates are validated, aka ".NET Security Feature Bypass Vulnerability."

7.5CVSS6.2AI score0.01143EPSS

CVE•added 2018/11/14 1:29 a.m.•114 views

CVE-2018-8416

A tampering vulnerability exists when .NET Core improperly handles specially crafted files, aka ".NET Core Tampering Vulnerability." This affects .NET Core 2.1.

6.5CVSS6.4AI score0.01944EPSS

CVE•added 2018/07/11 12:29 a.m.•110 views

CVE-2018-8356

A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2...

5.5CVSS6.3AI score0.00356EPSS

CVE•added 2018/09/13 12:29 a.m.•110 views

CVE-2018-8409

A denial of service vulnerability exists when System.IO.Pipelines improperly handles requests, aka "System.IO.Pipelines Denial of Service." This affects .NET Core 2.1, System.IO.Pipelines, ASP.NET Core 2.1.

7.5CVSS7.2AI score0.07554EPSS