.net Framework Security Vulnerabilities and Issues — .net Framework CVE List

Lucene search

Microsoft.net Framework

235 matches found

CVE•added 2020/01/14 11:15 p.m.•1406 views

CVE-2020-0646

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.

10CVSS9.7AI score0.93121EPSS

CVE•added 2017/09/13 1:29 a.m.•1319 views

CVE-2017-8759

Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability."

9.3CVSS7.5AI score0.93893EPSS

CVE•added 2020/07/14 11:15 p.m.•1294 views

CVE-2020-1147

A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.

7.8CVSS8.1AI score0.92742EPSS

CVE•added 2025/01/14 6:15 p.m.•1085 views

CVE-2025-21176

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

8.8CVSS9AI score0.00595EPSS

CVE•added 2015/05/13 10:59 a.m.•1050 views

CVE-2015-1671

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5 Develo...

9.3CVSS7.3AI score0.74241EPSS

CVE•added 2023/08/08 7:15 p.m.•730 views

CVE-2023-38180

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.8AI score0.00133EPSS

CVE•added 2024/01/09 6:15 p.m.•579 views

CVE-2024-0056

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

8.7CVSS9.1AI score0.00346EPSS

CVE•added 2024/01/09 6:15 p.m.•554 views

CVE-2024-0057

NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

9.8CVSS9.3AI score0.02349EPSS

CVE•added 2023/09/12 5:15 p.m.•499 views

CVE-2023-36799

.NET Core and Visual Studio Denial of Service Vulnerability

6.5CVSS6.9AI score0.01189EPSS

CVE•added 2023/09/12 5:15 p.m.•489 views

CVE-2023-36792

Visual Studio Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.0114EPSS

CVE•added 2023/04/11 9:15 p.m.•487 views

CVE-2023-28260

.NET DLL Hijacking Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.02283EPSS

CVE•added 2023/09/12 5:15 p.m.•485 views

CVE-2023-36793

Visual Studio Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.0136EPSS

CVE•added 2023/09/12 5:15 p.m.•479 views

CVE-2023-36794

Visual Studio Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00878EPSS

CVE•added 2023/09/12 5:15 p.m.•472 views

CVE-2023-36796

Visual Studio Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00884EPSS

CVE•added 2023/09/12 5:15 p.m.•442 views

CVE-2023-36788

.NET Framework Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00281EPSS

CVE•added 2023/10/10 6:15 p.m.•410 views

CVE-2023-38171

Microsoft QUIC Denial of Service Vulnerability

7.5CVSS7.4AI score0.05105EPSS

CVE•added 2025/01/14 6:15 p.m.•408 views

CVE-2025-21172

.NET and Visual Studio Remote Code Execution Vulnerability

7.5CVSS7.8AI score0.00197EPSS

CVE•added 2021/02/25 11:15 p.m.•404 views

CVE-2021-26701

.NET Core Remote Code Execution Vulnerability

9.8CVSS8.5AI score0.01745EPSS

CVE•added 2023/10/10 6:15 p.m.•394 views

CVE-2023-36435

Microsoft QUIC Denial of Service Vulnerability

7.5CVSS7.4AI score0.01201EPSS

CVE•added 2024/03/23 12:15 a.m.•384 views

CVE-2024-29059

.NET Framework Information Disclosure Vulnerability

7.5CVSS7.3AI score0.93728EPSS

CVE•added 2024/01/09 7:15 p.m.•377 views

CVE-2024-21319

Microsoft Identity Denial of service vulnerability

6.8CVSS6.6AI score0.00322EPSS

CVE•added 2024/07/09 5:15 p.m.•357 views

CVE-2024-30105

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.6AI score0.0144EPSS

CVE•added 2020/08/17 7:15 p.m.•345 views

CVE-2020-1046

A remote code execution vulnerability exists when Microsoft .NET Framework processes input. An attacker who successfully exploited this vulnerability could take control of an affected system.To exploit the vulnerability, an attacker would need to be able to upload a specially crafted file to a web ...

9.3CVSS8.3AI score0.09677EPSS

CVE•added 2022/03/09 5:15 p.m.•338 views

CVE-2022-24512

.NET and Visual Studio Remote Code Execution Vulnerability

6.8CVSS7.2AI score0.00198EPSS

CVE•added 2015/11/11 12:59 p.m.•316 views

CVE-2015-6099

Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka ".NET Elevation of Privilege Vulnerability."

4.3CVSS4.5AI score0.25179EPSS

CVE•added 2022/05/10 9:15 p.m.•300 views

CVE-2022-23267

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01969EPSS

CVE•added 2025/01/14 6:15 p.m.•297 views

CVE-2025-21173

.NET Elevation of Privilege Vulnerability

7.3CVSS7.2AI score0.02344EPSS

CVE•added 2022/05/10 9:15 p.m.•283 views

CVE-2022-29117

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01512EPSS

CVE•added 2020/01/14 11:15 p.m.•276 views

CVE-2020-0605

A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. ...

9.3CVSS8.8AI score0.42556EPSS

CVE•added 2021/02/25 11:15 p.m.•275 views

CVE-2021-24112

.NET Core Remote Code Execution Vulnerability

9.8CVSS9.1AI score0.00755EPSS

CVE•added 2025/01/14 6:15 p.m.•275 views

CVE-2025-21171

.NET Remote Code Execution Vulnerability

7.5CVSS7.8AI score0.00179EPSS

CVE•added 2024/02/13 6:15 p.m.•274 views

CVE-2024-21404

.NET Denial of Service Vulnerability

7.5CVSS7.7AI score0.03703EPSS

CVE•added 2019/07/15 7:15 p.m.•273 views

CVE-2019-1006

An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vulnerability'.

7.5CVSS7.8AI score0.03045EPSS

CVE•added 2024/07/09 5:15 p.m.•271 views

CVE-2024-38095

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS6.4AI score0.01783EPSS

CVE•added 2024/11/12 6:15 p.m.•260 views

CVE-2024-43498

.NET and Visual Studio Remote Code Execution Vulnerability

9.8CVSS9.4AI score0.01428EPSS

CVE•added 2022/05/10 9:15 p.m.•255 views

CVE-2022-29145

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01742EPSS

CVE•added 2024/03/12 5:15 p.m.•250 views

CVE-2024-21392

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.7AI score0.00554EPSS

CVE•added 2022/03/09 5:15 p.m.•244 views

CVE-2022-24464

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01165EPSS

CVE•added 2023/11/14 6:15 p.m.•240 views

CVE-2023-36560

ASP.NET Security Feature Bypass Vulnerability

8.8CVSS8.5AI score0.0417EPSS

CVE•added 2024/11/12 6:15 p.m.•237 views

CVE-2024-43499

.NET and Visual Studio Denial of Service Vulnerability

7.5CVSS7.5AI score0.01198EPSS

CVE•added 2024/03/12 5:15 p.m.•235 views

CVE-2024-26190

Microsoft QUIC Denial of Service Vulnerability

7.5CVSS7.4AI score0.00623EPSS

CVE•added 2023/11/14 9:15 p.m.•234 views

CVE-2023-36049

.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

9.8CVSS8.7AI score0.02207EPSS

CVE•added 2023/02/14 9:15 p.m.•233 views

CVE-2023-21808

.NET and Visual Studio Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.01397EPSS

CVE•added 2014/10/15 10:55 a.m.•232 views

CVE-2014-4073

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via vectors involving Internet Explorer, aka ".NET ClickOnce Elevation of Privilege Vulnerability."

10CVSS7.4AI score0.29986EPSS

CVE•added 2022/12/13 7:15 p.m.•222 views

CVE-2022-41089

.NET Framework Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.08927EPSS

CVE•added 2024/04/09 5:15 p.m.•219 views

CVE-2024-21409

.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

7.3CVSS7.5AI score0.48268EPSS

CVE•added 2019/05/16 7:29 p.m.•217 views

CVE-2019-0820

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.

7.5CVSS7.2AI score0.03215EPSS

CVE•added 2020/05/21 11:15 p.m.•216 views

CVE-2020-1108

A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.

7.5CVSS7.3AI score0.02352EPSS

CVE•added 2023/11/14 10:15 p.m.•216 views

CVE-2023-36558

ASP.NET Core Security Feature Bypass Vulnerability

6.2CVSS7.5AI score0.00405EPSS

CVE•added 2022/05/10 9:15 p.m.•215 views

CVE-2022-30130

.NET Framework Denial of Service Vulnerability

5.5CVSS4AI score0.0111EPSS

Total number of security vulnerabilities235