.net Framework Security Vulnerabilities and Issues — .net Framework CVE List

Lucene search

Microsoft.net Framework

235 matches found

CVE•added 2020/01/14 11:15 p.m.•1383 views

CVE-2020-0646

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.

10CVSS9.7AI score0.93121EPSS

CVE•added 2017/09/13 1:29 a.m.•1297 views

CVE-2017-8759

Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."

9.3CVSS7.5AI score0.93762EPSS

CVE•added 2020/07/14 11:15 p.m.•1271 views

CVE-2020-1147

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.

7.8CVSS8.1AI score0.92846EPSS

CVE•added 2025/01/14 6:15 p.m.•1065 views

CVE-2025-21176

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

8.8CVSS9AI score0.00528EPSS

CVE•added 2015/05/13 10:59 a.m.•1028 views

CVE-2015-1671

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5 Develo...

9.3CVSS7.3AI score0.74124EPSS

CVE•added 2023/08/08 7:15 p.m.•708 views

CVE-2023-38180

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.8AI score0.00133EPSS

CVE•added 2024/01/09 6:15 p.m.•576 views

CVE-2024-0056

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

8.7CVSS9.1AI score0.00346EPSS

CVE•added 2024/01/09 6:15 p.m.•533 views

CVE-2024-0057

NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

9.8CVSS9.3AI score0.02349EPSS

CVE•added 2023/09/12 5:15 p.m.•497 views

CVE-2023-36799

.NET Core and Visual Studio Denial of Service Vulnerability

6.5CVSS6.9AI score0.00786EPSS

CVE•added 2023/09/12 5:15 p.m.•487 views

CVE-2023-36792

Visual Studio Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.01289EPSS

CVE•added 2023/09/12 5:15 p.m.•483 views

CVE-2023-36793

Visual Studio Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.01537EPSS

CVE•added 2023/09/12 5:15 p.m.•477 views

CVE-2023-36794

Visual Studio Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00994EPSS

CVE•added 2023/09/12 5:15 p.m.•470 views

CVE-2023-36796

Visual Studio Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.01EPSS

CVE•added 2023/04/11 9:15 p.m.•466 views

CVE-2023-28260

.NET DLL Hijacking Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.02283EPSS

CVE•added 2023/09/12 5:15 p.m.•442 views

CVE-2023-36788

.NET Framework Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00281EPSS

CVE•added 2023/10/10 6:15 p.m.•408 views

CVE-2023-38171

Microsoft QUIC Denial of Service Vulnerability

7.5CVSS7.4AI score0.05105EPSS

CVE•added 2021/02/25 11:15 p.m.•400 views

CVE-2021-26701

.NET Core Remote Code Execution Vulnerability

9.8CVSS8.5AI score0.01745EPSS

CVE•added 2023/10/10 6:15 p.m.•392 views

CVE-2023-36435

Microsoft QUIC Denial of Service Vulnerability

7.5CVSS7.4AI score0.01201EPSS

CVE•added 2025/01/14 6:15 p.m.•386 views

CVE-2025-21172

.NET and Visual Studio Remote Code Execution Vulnerability

7.5CVSS7.8AI score0.00174EPSS

CVE•added 2024/03/23 12:15 a.m.•364 views

CVE-2024-29059

.NET Framework Information Disclosure Vulnerability

7.5CVSS7.3AI score0.93675EPSS

CVE•added 2024/01/09 7:15 p.m.•356 views

CVE-2024-21319

Microsoft Identity Denial of service vulnerability

6.8CVSS6.6AI score0.00322EPSS

CVE•added 2020/08/17 7:15 p.m.•345 views

CVE-2020-1046

A remote code execution vulnerability exists when Microsoft .NET Framework processes input. An attacker who successfully exploited this vulnerability could take control of an affected system.To exploit the vulnerability, an attacker would need to be able to upload a specially crafted file to a web ...

9.3CVSS8.3AI score0.09677EPSS

CVE•added 2022/03/09 5:15 p.m.•336 views

CVE-2022-24512

.NET and Visual Studio Remote Code Execution Vulnerability

6.8CVSS7.2AI score0.0021EPSS

CVE•added 2024/07/09 5:15 p.m.•336 views

CVE-2024-30105

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.6AI score0.01239EPSS

CVE•added 2015/11/11 12:59 p.m.•315 views

CVE-2015-6099

Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka ".NET Elevation of Privilege Vulnerability."

4.3CVSS4.5AI score0.25179EPSS

CVE•added 2022/05/10 9:15 p.m.•299 views

CVE-2022-23267

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01762EPSS

CVE•added 2022/05/10 9:15 p.m.•281 views

CVE-2022-29117

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01512EPSS

CVE•added 2025/01/14 6:15 p.m.•277 views

CVE-2025-21173

.NET Elevation of Privilege Vulnerability

7.3CVSS7.2AI score0.02084EPSS

CVE•added 2020/01/14 11:15 p.m.•276 views

CVE-2020-0605

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. ...

9.3CVSS8.8AI score0.42556EPSS

CVE•added 2021/02/25 11:15 p.m.•275 views

CVE-2021-24112

.NET Core Remote Code Execution Vulnerability

9.8CVSS9.1AI score0.00755EPSS

CVE•added 2024/02/13 6:15 p.m.•272 views

CVE-2024-21404

.NET Denial of Service Vulnerability

7.5CVSS7.7AI score0.03703EPSS

CVE•added 2019/07/15 7:15 p.m.•271 views

CVE-2019-1006

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.

7.5CVSS7.8AI score0.03045EPSS

CVE•added 2022/05/10 9:15 p.m.•255 views

CVE-2022-29145

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01659EPSS

CVE•added 2025/01/14 6:15 p.m.•254 views

CVE-2025-21171

.NET Remote Code Execution Vulnerability

7.5CVSS7.8AI score0.00159EPSS

CVE•added 2024/07/09 5:15 p.m.•252 views

CVE-2024-38095

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS6.4AI score0.01535EPSS

CVE•added 2024/03/12 5:15 p.m.•248 views

CVE-2024-21392

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.7AI score0.00544EPSS

CVE•added 2022/03/09 5:15 p.m.•244 views

CVE-2022-24464

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01236EPSS

CVE•added 2023/11/14 6:15 p.m.•240 views

CVE-2023-36560

ASP.NET Security Feature Bypass Vulnerability

8.8CVSS8.5AI score0.0417EPSS

CVE•added 2024/11/12 6:15 p.m.•240 views

CVE-2024-43498

.NET and Visual Studio Remote Code Execution Vulnerability

9.8CVSS9.4AI score0.01044EPSS

CVE•added 2024/03/12 5:15 p.m.•233 views

CVE-2024-26190

Microsoft QUIC Denial of Service Vulnerability

7.5CVSS7.4AI score0.00612EPSS

CVE•added 2014/10/15 10:55 a.m.•232 views

CVE-2014-4073

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via vectors involving Internet Explorer, aka ".NET ClickOnce Elevation of Privilege Vulnerability."

10CVSS7.4AI score0.29986EPSS

CVE•added 2023/11/14 9:15 p.m.•232 views

CVE-2023-36049

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

9.8CVSS8.7AI score0.03285EPSS

CVE•added 2023/02/14 9:15 p.m.•231 views

CVE-2023-21808

.NET and Visual Studio Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.0141EPSS

CVE•added 2022/12/13 7:15 p.m.•221 views

CVE-2022-41089

.NET Framework Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.08927EPSS

CVE•added 2024/11/12 6:15 p.m.•217 views

CVE-2024-43499

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.00856EPSS

CVE•added 2024/04/09 5:15 p.m.•216 views

CVE-2024-21409

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

7.3CVSS7.5AI score0.48268EPSS

CVE•added 2022/05/10 9:15 p.m.•215 views

CVE-2022-30130

.NET Framework Denial of Service Vulnerability

5.5CVSS4AI score0.0111EPSS

CVE•added 2019/05/16 7:29 p.m.•214 views

CVE-2019-0820

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.

7.5CVSS7.2AI score0.03188EPSS

CVE•added 2020/05/21 11:15 p.m.•214 views

CVE-2020-1108

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.

7.5CVSS7.3AI score0.02352EPSS

CVE•added 2023/11/14 10:15 p.m.•214 views

CVE-2023-36558

ASP.NET Core Security Feature Bypass Vulnerability

6.2CVSS7.5AI score0.00316EPSS

Total number of security vulnerabilities235